Senior Security Specialist (NAVIFOR) In pursuit of a future contract award, Digital Enterprise Solutions, Inc. (DESI) is seeking a Senior Security Specialist to join our team of qualified, diverse professionals. This is a full-time (regular) exempt (salary) position located in Suffolk, VA with potential for limited telework, subject to customer approval. Where innovation meets excellence, we drive the future of technology. As a valued member of our team, you will play a key role in delivering state-of-the-art Information Technology solutions for the Naval Information Forces (NAVIFOR) N4 Directorate. We are looking for qualified candidates who are ready to collaborate, innovate, and make an impact in a fast-paced, forward-looking environment where teamwork is at the heart of our success. ROLES/RESPONSIBILITIES: Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies. Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. Respond to computer security breaches, spillages, and viruses. Responsible for maintaining cyber hygiene of the systems in accordance with DOD and DON policy and the program continuous monitoring strategy. Oversee system compliance with the system Authorization Decision Document (ADD) and ensure no changes are made capable of affecting the ADD without proper authorization from the NAO. Responsible for ensuring all cybersecurity documentation is maintained and updated per DOD and DON policy. Maintain application and system configuration management in required DON and DOD reporting tools and applications. Perform system audits to ensure alignment with ADD and approved baselines. EDUCATION/EXPERIENCE REQUIREMENTS: To be considered for this position, you must meet the education and experience listed below: Over ten (10) years of experience developing and implementing system cybersecurity solutions. BA/BS from a US Department of Education accredited college or university in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, Computer Engineering, Mathematics field or Engineering field. Two (2) years of relevant experience may be substituted for one (1) year of formal education as follows: AA/AS plus an additional 4 years of experience (14 years total) High School diploma plus an additional 8 years of experience (18 total) MINIMUM QUALIFICATIONS: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below: Experience with the Risk Management Framework (RMF), identifying and tailoring security control baselines with applicable overlays, developing and maintaining the Security Plan for RMF, leading security control implementation and testing, performing vulnerability risk assessments in accordance with RMF Process Guide, assisting with security testing as required for Authorization and Accreditation (A&A) or annual security reviews, assisting in mitigating and closing open vulnerabilities, and recording security control compliance for systems. Experience managing system cybersecurity controls, status, and artifacts in eMASS application. Experience in developing and managing configuration management (change configuration/release management) processes. Experience with Atlassian Jira or similar issue and project tracking software. Experience with Atlassian Confluence or similar knowledge management software. Active DoD Secret clearance. IAT II or III certification (e.g., Security, CISSP, or equivalent). Excellent written and verbal communication skills. US Citizenship is required due to US government contract requirements. PREFERRED QUALIFICATIONS: Candidates with experience or knowledge in these desired skills will be given preferential consideration: Familiarity with CAS, NTIRA, CENTRIXS-M, and SECREL systems. Experience with AWS GovCloud, cloud security, and DevSecOps integration. Strong background in incident response, risk assessment, and security control implementation. Experience working in Agile/Scrum environments. Proficiency in network security, ITSM frameworks (ITIL, COBIT, or CMMI), and risk management methodologies. ITIL v3 (or later) foundations certification. Relevant AWS cloud certification(s), preferably AWS Certified Security – Specialty. COMPENSATION & BENEFITS: The compensation range is based on industry compensation data and/or position budget and reflects our commitment to transparency and fairness: The annual compensation range is $150,000 to $170,000, commensurate with education, certifications, and experience. Other compensation may include discretionary bonuses, referral rewards, and spot awards. Full-time benefits include comprehensive health insurance (medical, dental, vision), Health Reimbursement Account (HRA), paid time off, paid holidays, life insurance with accidental death and dismemberment, short-term disability insurance, long-term disability, 401(k) with matching, This position is contingent upon contract award. Eligible for External Referral Program. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, pregnancy, childbirth or related medical conditions, age, military status, disability, ethnic or national origin, or other legally protected status. For a listing of all DESI open positions, please visit the “Careers” section of our website at https://www.ilikedesi.com/careers