We are seeking an experienced and motivated Cybersecurity Professional to safeguard mission-critical systems by blending compliance expertise with hands-on security engineering. You will guide programs through the full Risk Management Framework (RMF) lifecycle, develop and maintain security documentation, and work closely with engineers, developers, and program managers to integrate security into every phase of the system life cycle. This role is fully on-site.
- Develop, update, and maintain security documentation, including System Security Plans (SSP), POA&Ms, Security Assessment Reports, and Configuration Management records.
- Support security assessments and authorization packages, working with assessment teams and authorizing officials.
- Coordinate with system owners, developers, and administrators to ensure compliance with applicable policies, STIGs, and baseline configurations.
- Serve as a trusted advisor to leadership, explaining technical risks and recommending effective mitigations in plain language.
- Stay current on cybersecurity threats, tools, and best practices, recommending improvements to security posture.
- Ensure adherence to industry best practices, company and agency policies, and regulatory requirements.
- Create and maintain thorough documentation of plans, system configurations, and operational processes and procedures.
This position description may not reflect an immediate opening but could be used to identify candidates with the skills and experience for roles at COLSA that regularly become available. Candidates who express interest may be considered for current & future opportunities at COLSA.
At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals! Learn about our employee-centric culture and benefitshere.
Required Skills
Required Experience
Required Qualifications
- Associate's degree or higher in related field or equivalent experience
- 0 to 12 years of work related experience
- Active DoD Top Secret Clearance with SCI eligibility; U.S. Citizenship required.
- Must be able to pass the Counterintelligence (CI) Scope Polygraph within 180 days of hire.
- **Must be able to obtain and maintain Special Access Program (SAP) eligibility and maintain program accesses as required. **
- CompTIA Security+ CE, ISC2 SSCP, or equivalent baseline security certification.
- Experience implementing and maintaining NIST RMF across all steps from NIST SP 800-37.
- Ability to develop, maintain, and update System Security Plans (SSPs), POA&Ms, baselines, and other documentation.
- Knowledge of NIST SP 800-53 security controls and tailoring methods.
- Experience conducting risk assessments and recommending risk responses.
- Proven ability to prepare for and support security assessments, penetration testing, and vulnerability scanning.
- Ability to review audit logs, alerts, and vulnerability reports for compliance and anomaly detection.
- Strong analytical and critical thinking skills.
- Ability to work independently and collaboratively in a team environment.
Preferred Qualifications
- Knowledge of container security, DevSecOps pipelines, and Infrastructure as Code (IaC) security.
- Experience drafting or refining security policies, SOPs, and continuous improvement plans.
- Familiarity with SIEM platforms (Splunk and/or Elastic preferred), endpoint protection, and automated compliance tools.
- Experience with STIGs.
- Experience with SCAP, Nessus, OpenSCAP, or similar compliance scanning tools.
- ISC2 CISSP, ISACA CISM, or equivalent baseline security certification.
- Active TS//SCI clearance with a current CI Scope Polygraph.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.