Senior Cybersecurity Specialist

Senior Cyber Security Specialist As the Senior Cyber Security Specialist on a prime federal contract, you will lead the day-to-day continuous security monitoring for federal information systems aligned to NIST RMF and agency policies. You will partner with system owners, engineers, other agency contractors and AO staff to maintain the security posture through the continuous monitoring program. This role is fully remote with occasional planned after-hours support. A strong background in systems and network administration is required to assess control implementations, validate configurations, and guide secure operations. Compensation & Benefits: Estimated Starting Salary Range for Senior Cyber Security Specialist: $150,000 - $170,000 Pay commensurate with experience. Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice. Senior Cyber Security Specialist Responsibilities Include: • Execute RMF for assigned systems: categorize, select, implement, assess, authorize, and monitor controls (NIST SP 800-37/160/53/53A/82). • Drive continuous monitoring: control assessments, vulnerability scanning, patch verification, configuration audits, log reviews, and evidence collection. • Validate technical control implementation across OS, network devices, and cloud services; review hardening baselines and configuration drift. • Use existing tools and workflows to coordinate change control, incident management, and problem management aligned to security requirements. • Conduct risk assessments and security impact analyses; recommend mitigations aligned to mission risk tolerance. • Coordinate incident handling with SOC/IR teams: triage, containment, documentation, reporting, and lessons learned. • Provide technical reviews and oversight for enforcement of secure baselines (CIS, STIGs). • Collaborate with security engineering to remediate vulnerabilities, optimize patch cycles, and maintain secure configurations for servers, endpoints, firewalls, routers, and switches. • Support secure implementation and configuration of Operational Technology/Internet of Things (OT/IoT) capabilities • Provide technical review of IT systems design as part of agency IT projects • Ensure compliance with FISMA, OMB guidance, agency directives, and overlays (e.g., FedRAMP for cloud). • Support POA&M and Acceptance of Risk (AOR) lifecycle: triage findings, define remediation, track progress, validate closure, and produce dashboards/reports. • Review security documentation: SSP, SAP/SAR, Contingency Plan, Incident Response Plan, and related artifacts. • Support ATO sustainment and reauthorization; review assessment packages and respond to AO/ISO inquiries. • Prepare concise security status reports, dashboards, and briefings to leadership and contract stakeholders. • Effective collaboration with distributed teams and government stakeholders via secure tools is essential. Senior Cyber Security Specialist Experience, Education, Skills, Abilities requested: • Bachelor’s degree in IT, cybersecurity, or related field; or equivalent experience. • 5+ years of hands-on systems and network engineering/administration experience, including: • Administering Windows and Linux servers, AD/Group Policy, endpoint management (e.g., MECM/SCCM, Red Hat OpenShift). • Network fundamentals and device administration (firewalls, routers, switches), VLANs, ACLs, VPNs, and routing. • Secure configuration baselines (CIS benchmarks, DISA STIGs) and hardening practices. • 3+ years as an ISSO equivalent or in a federal security compliance role. • Strong command of NIST RMF, SP 800-53/53A controls, and FISMA reporting. • Experience with vulnerability management tools (e.g., Tenable/Nessus, Qualys) and patch management workflows. • Experience with SIEM/log management (e.g., Splunk, Elastic); log parsing and correlation. • Reviewing and overseeing the Security Assessment Report (SAR) to maintain the system ATO. • Hands-on experience for: • POA&M and AOR tracking and remediation workflows. • Dashboarding and metric reporting for vulnerability and compliance status. • Proven ability to author and maintain SSPs, and assessment evidence. • Strong communication skills; able to brief technical and non-technical stakeholders across a distributed, remote team. • U.S. citizenship. • Ability to obtain and maintain a Public Trust suitability determination; prior Public Trust preferred. Preferred Qualifications • Certifications: CISSP, Security+, CCSP, or CISM; systems/network certs such as Network+, CCNA, MCSA, RHCSA are a plus. ITIL is a plus. • Experience with vulnerability scanners. • Experience with FedRAMP Moderate/High and cloud security (AWS, Azure, GCP), including IAM, logging, and native security services. • Automation/scripting for compliance evidence or configuration management (e.g., PowerShell, Bash, Python, Ansible). • Familiarity with agency GRC tools (e.g., CSAM). • Experience supporting audits (IG, GAO) and metric-driven continuous monitoring. Company Information: Criterion is a part of Cherokee Federal – the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government’s mission with compassion and heart. To learn more about Criterion, visit cherokee-federal.com. #CherokeeFederal #LI #LI-RA1 Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply. Similar searchable job titles: • Senior Physical Security Specialist • Security Program Manager • Government Security Specialist • Senior Security Analyst (Physical / Personnel) • Physical Security Program Specialist Keywords: • Physical Security • Continuity of Operations (COOP) • Personnel Security • PIV Credentialing (HSPD-12) • Security Program Management Legal Disclaimer: All qualified applicants will receive consideration for employment without regard to protected veteran status, disability or any other status protected under applicable federal, state or local law. Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal. Apply tot his job