Job Description

Duties May Include:

• Apply RMF processes to support system Assessment & Authorization (A&A), including control selection, implementation, assessment, and continuous monitoring
• Develop, review, and maintain security documentation such as SSPs, POA&Ms, SARs, and ATO artifacts in tools such as XACTA or eMASS
• Conduct vulnerability assessments and compliance scans (e.g., ACAS) and track remediation of findings and IAVM requirements
• Implement and validate security controls aligned with NIST 800-53, CNSSI 1253, and related DoD guidance
• Support system hardening, patching, and configuration management in compliance with STIGs for Linux, Windows, and network devices
• Monitor systems for security events and support incident response and risk mitigation activities
• Assess security impacts of system changes and support configuration control boards (CCBs)
• Collaborate with system engineers, administrators, and DevSecOps teams to integrate security throughout the system lifecycle
• Provide cybersecurity risk input to program leadership, Authorizing Officials (AOs), and stakeholders

Requirements

Required Qualifications:

• Bachelor's degree with 5+ years of experience (or equivalent experience)
• DoD 8570 IAT Level II or higher certification (e.g., Security+, CySA+, CISSP)
• Experience with RMF, A&A, POA&M, and ATO documentation (XACTA/eMASS)
• Hands-on vulnerability scanning and compliance tracking (ACAS, IAVM)
• Experience securing Linux and Windows systems, STIGs, patching, and system hardening
• Knowledge of NIST 800-series publications and incident response processes
• Strong analytical, communication, and collaboration skills
• US Citizenship required
• Active or current (within two years of active) Top Secret clearance with SCI eligibility

Desired Qualifications:

• Scripting or development experience (Python, Java, React)
• DevSecOps tools and pipeline experience
• Experience with Linux (Red Hat/CentOS), databases, web apps, or big data platforms
• Familiarity with Agile environments and tools (Jira, Confluence)
• Experience with NIST SP 800-171 and System Security Engineering (SSE)

Benefits

At Trinity Global Consulting (TGC), we value our employees and provide a comprehensive benefits package that includes:

• Medical, Dental & Vision Coverage – Coverage for eligible employees and family through CareFirst and VSP.
• Paid Time Off – PTO granted in accordance with contract requirements.
• Paid Holidays – 11 federal holidays observed annually.
• Disability & Life Insurance – Short-term/long-term disability, life insurance, and AD&D coverage included.
• 401(k) Retirement Plan – Competitive plan managed through Ameritas
• Professional Training – Formal training provided as required, with additional learning opportunities based on role.