Information Assurance Specialist

We are seeking a highly motivated Cybersecurity / Information Assurance (IA) Specialist to support systems in achieving and maintaining cybersecurity compliance and Authorization to Operate (ATO). The ideal candidate will have experience working within the Risk Management Framework (RMF) and supporting enterprise-level cybersecurity compliance efforts. This is a Hybrid position. Occasional travel to Crane, IN as needed. #LI-remote

Key Responsibilities

• Provide Information Assurance (IA) and cybersecurity support to ensure compliance with DoW cybersecurity policies and standards.
• Support the development, submission, and maintenance of ATO packages within the Enterprise Mission Assurance Support Service (eMASS).
• Create, update, and manage IA artifacts required for: Initial system authorization, Continuous monitoring, and System reauthorization / re-accreditation.
• Implement cybersecurity processes aligned with the Risk Management Framework (RMF), including: Security control identification and assessment, Control implementation documentation, and Authorization package support.
• Develop and maintain Plan of Actions and Milestones (POA&M) to track vulnerabilities and mitigation strategies.
• Coordinate with system stakeholders to track remediation efforts and ensure timely closure of findings.
• Identify, track, and remediate vulnerabilities in accordance with: Information Assurance Vulnerability Alerts (IAVAs) and Operational Directives (OPDIRs).
• Perform vulnerability scanning and compliance validation using Assured Compliance Assessment Solution (ACAS).
• Assess and document system compliance with Security Technical Implementation Guides (STIGs).
• Utilize STIG checklists and Security Content Automation Protocol (SCAP) tools for validation.
• Develop and maintain system security documentation, including: System management procedures, Standard operating procedures (SOPs), and Cybersecurity process documentation.
• Support Annual Security Reviews (ASRs) and assist in Verification and Validation (V&V) activities.
• Collaborate with Government and contractor personnel to ensure systems maintain continuous ATO compliance.

• Experience supporting cybersecurity efforts within DoD or federal environments.
• Strong knowledge of: Risk Management Framework (RMF), eMASS, and ATO processes and lifecycle management.
• Experience with vulnerability management and remediation tracking.
• Familiarity with ACAS, STIGs, and SCAP compliance tools.
• Ability to create and maintain detailed cybersecurity documentation.
• Strong communication and coordination skills across technical and non-technical stakeholders.
• Prior experience supporting system accreditation and continuous monitoring activities.
• Must be a U.S. Citizen.
• Must be able to obtain and maintain a Secret Security Clearance.

Education

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• Must have or be able to obtain a CompTIA Security Plus certification prior to start date.

About TRISTAR

TRISTAR is an SBA certified Service-Disabled Veteran-Owned professional services company supporting the U.S. Department of Defense programs. Our core competencies include Electronic Warfare, Enterprise Management, Full Spectrum Cybersecurity, Information Technology, Digital Transformation, Software Engineering and Development, Maritime Modernization and Engineering, and Technical Solutions.

TRISTAR was founded in March 1995 and has built an employee-focused collaborative environment which enables our team of professionals to create and deliver customized solutions to meet our customers' mission critical challenges. TRISTAR's core capabilities support customers with end-to-end solutions.

For over 30 years, TRISTAR has demonstrated and perfected our ability to successfully manage any task, small or large no matter how difficult or complex.

TRISTAR is proud to serve the Department of Defense and other Federal Agencies.

TRISTAR provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.