DSS, Inc. Logo

DSS, Inc.

Cybersecurity Specialist - Mid/Senior - SBG REMOTE

Posted 21 Days Ago
Be an Early Applicant
In-Office or Remote
Hiring Remotely in 22314, Alexandria, VA
130K-160K Annually
Senior level
In-Office or Remote
Hiring Remotely in 22314, Alexandria, VA
130K-160K Annually
Senior level
Assess application security against FedRAMP High and NIST RMF baselines, support ATO documentation and SSP/POA&M development, identify security gaps and remediation, evaluate Zero Trust and continuous monitoring, perform vulnerability reviews, and collaborate with cloud architects and ISVs to guide remediation and compliance readiness.
The summary above was generated by AI

SBG Technology Solutions, Inc. (SBG), a DSS, Inc. company, offers IT Governance, Systems Engineering, Enterprise Modernization, Artificial Intelligence, and Cyber Security innovation to federal and commercial clients nationwide. 

Overview

The Cybersecurity Specialist ensures all applications meet FedRAMP High security and compliance requirements throughout the assessment and onboarding process for DSS Health Cloud, a FedRAMP High authorized healthcare-focused platform hosted in an AWS Government enclave environment. This role supports Independent Software Vendors (ISVs) and government applications by identifying security gaps, supporting authorization documentation, and validating alignment with applicable federal cybersecurity frameworks.

The Cybersecurity Specialist will:

  • Assesses application security posture, including logging, auditing, and control implementation, against FedRAMP High baseline requirements

  • Supports Authority to Operate (ATO) documentation efforts and compliance readiness activities for applications undergoing onboarding assessment

  • Identifies cybersecurity gaps across assessed applications and recommends prioritized remediation actions with supporting rationale

  • Evaluates application and environment alignment with Zero Trust architecture principles and continuous monitoring requirements

  • Supports development of System Security Plans (SSPs), Plan of Action and Milestones (POA&M) inputs, and related security authorization artifacts

  • Applies Risk Management Framework (RMF) processes to security assessment activities and documents findings in accordance with NIST guidelines

  • Reviews identity, access control, and encryption implementations to verify compliance with applicable standards and FedRAMP controls

  • Conducts vulnerability management reviews and evaluates continuous monitoring capabilities for onboarding candidates

  • Collaborates with cloud architects, program managers, and ISV technical teams to communicate security findings and guide remediation planning

Other Duties:

  • Performs other duties as assigned by management in support of SBG Technology Solutions contract objectives

  • Travel requirements: occasional travel as required by project needs (estimated up to 10% per year)

Conditions of Employment:

  • Must be a US Citizen 

  • Must be able to pass a Federal background check

  • Must be determined suitable for federal employment

Security and Privacy Duties and Responsibilities

Individuals working for SBG Technology Solutions, Inc, a DSS, Inc. will be subject to security and privacy requirements as explained in HIPAA, FedRAMP, and NIST 800-53. Additionally, they are required to undergo specific FedRAMP training to ensure compliance with all associated controls and responsibilities in the day-to-day performance of their duties. Individuals working in departments that are considered to be in the high-risk category will be required to undergo advanced training based on their role and level of access. Individuals with access to modify data and the configuration baseline will require further training.

The preceding functions are examples of the work performed by employees assigned to this job classification.  Management reserves the right to add, modify, change or rescind work assignments and make a reasonable accommodation as needed.

Qualifications

Required Skills:

  • In-depth knowledge of FedRAMP High security controls and the NIST Risk Management Framework (RMF) process

  • Proficiency in security architecture review and cloud security engineering within AWS or comparable government cloud environments

  • Experience conducting vulnerability management assessments and evaluating continuous monitoring programs

  • Working knowledge of identity and access management (IAM), encryption standards, and access control frameworks

  • Ability to develop and review authorization documentation including SSPs, POA&Ms, and security assessment reports

  • Strong analytical and written communication skills; able to document and present security findings clearly to both technical and non-technical audiences

  • Capable of managing concurrent assessment workstreams and delivering findings within defined project timelines

Preferred Skills:

  • Familiarity with HIPAA Security Rule requirements and healthcare application security considerations

  • Experience with AWS security tooling (e.g., AWS Security Hub, GuardDuty, CloudTrail, Config)

  • Knowledge of DevSecOps practices and secure software development lifecycle (SSDLC) methodologies

Education:

Required:

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related technical discipline

  • A combination of education and experience will be considered (2 years of relevant experience equivalent to 1 year in a degree program)

Desired: Master's degree in Cybersecurity, Information Assurance, or a related field

Certification(s), Licenses:

Desired:

    • Certified Information Systems Security Professional (CISSP)

    • Certified Information Security Manager (CISM)

    • CompTIA Security+ or equivalent federal baseline certification

    • AWS Certified Security – Specialty

Years of experience in a similar role:

Required: 8+ years of cybersecurity experience in federal or regulated environments, with demonstrated engagement in FedRAMP or RMF processes

Desired: 10+ years of cybersecurity experience including direct responsibility for ATO support or FedRAMP authorization activities

Physical Demands:

Standing

5% per day

Sitting

90% per day

Walking

5% per day

Stooping

Minimal

Lifting

Up to 10 lbs. unassisted, several times a day (laptop, office equipment, office supplies, etc.)

Computer Work

85% per day

Telephone Work

15% per day

Reading

20% per day

Other, please specify

Travel unassisted up to ___% per year, via common carrier and/or personal automobile.

SBGTS, Inc. is an Equal Opportunity Employer

If you need an accommodation seeking employment with SBGTS, Inc., please e-mail [email protected] or call (561) 284-7333. Accommodations are made on a case-by-case basis.


Similar Jobs

2 Minutes Ago
Easy Apply
Remote
United States
Easy Apply
Mid level
Mid level
Cloud • Security • Software • Cybersecurity • Automation
Own a book of mid-market accounts across the Balkans, running full sales cycles from discovery to close. Build customer relationships, document buying criteria and accurate pipeline data, perform win/loss analyses, collaborate with technical and post-sales teams, and contribute customer feedback and best practices to improve GitLab's sales processes.
Top Skills: AIDevsecopsGitGitlab
3 Hours Ago
Remote or Hybrid
145K-240K Annually
Senior level
145K-240K Annually
Senior level
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Lead enterprise sales into U.S. Intelligence Community agencies across the NoVA/DC corridor. Build and manage pipeline, evangelize the Armis Centrix platform for hybrid and air-gapped environments, partner with federal systems integrators, navigate classified procurement and funding cycles, and work with cleared sales engineers to deliver technical demonstrations and drive Programs of Record.
Top Skills: ArmisArmis CentrixCloud-NativeCspmCwppServicenowVeza
3 Hours Ago
Remote or Hybrid
United States
116K-145K Annually
Senior level
116K-145K Annually
Senior level
Artificial Intelligence • Big Data • Cloud • Information Technology • Software • Big Data Analytics • Automation
Lead and operationalize internal communications strategy by building governance, planning enterprise communications, enabling leaders and managers, advising stakeholders, and scaling through playbooks, AI, and self-service resources to drive consistent, clear employee communications during change and major company moments.

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account