Cyber Support Specialist

Position Overview

Cyber Support Specialist a key role in supporting cybersecurity activities required to validate and sustain compliance with the Risk Management Framework (RMF) for project infrastructure and services. This position assists with Assessment and Authorization (A&A) efforts, researches and translates risk information, and partners with client stakeholders to provide input and best-practice recommendations that inform security-related decision making. The role also supports the definition and implementation of security requirements, contributes to the design and testing of security components, and performs vulnerability and code scanning analysis to identify and report security impacts.

Key Responsibilities

• Support Assessment and Authorization activities required to validate and maintain RMF compliance for project infrastructure, systems, and services.

• Assist in defining cybersecurity and application security requirements for project initiatives.

• Support the design, structuring, and testing of security components and control implementations.

• Identify, analyze, and report security impacts using COTS vulnerability scanning tools and static and dynamic code scanning tools.

• Assist with vulnerability management activities, including findings review, documentation, reporting, and remediation tracking.

• Prepare management-level communications, status reporting, and cybersecurity metrics.

• Support security assessments of applications and infrastructure against RMF controls and development security requirements.

• Document compliance evidence, assessment results, and remediation activities to support ongoing authorization and continuous monitoring.

• Collaborate with technical teams, security stakeholders, and program leadership to address security gaps and strengthen compliance posture.

• Maintain focus and effectiveness in a high-intensity environment, including support for rotating 12-hour shifts with 4 days on and 3 days off, as required.

Required Qualifications

• Bachelor's degree in cybersecurity, information technology, computer science, or a related field.

• 3 to 5 years of relevant cybersecurity experience.

• Experience supporting RMF and Assessment and Authorization processes.

• Knowledge of RMF controls and their applicability to application security.

• Experience supporting security requirements definition, control implementation, and testing activities.

• Experience identifying, analyzing, and reporting vulnerabilities and security impacts.

• Familiarity with COTS vulnerability scanning tools and static and dynamic code scanning tools.

• Ability to communicate technical issues, risks, and metrics effectively to management audiences.

• Working knowledge of vulnerability management and reporting processes.

• Understanding of application security and development security requirements.

• Familiarity with OWASP Top 10 and common web application security risks.

• Ability to work effectively in a fast-paced operational environment and adapt to changing priorities.

• Ability to work a rotating 12-hour shift schedule with 4 days on and 3 days off, when required.

Preferred Qualifications

• CompTIA Security+ certification.

• DoD 8140-compliant certification at the intermediate or advanced level.

• Experience in cloud cyber defense.

• Experience supporting application security in infrastructure and service environments.

• Strong analytical, documentation, and reporting skills.

• Ability to prepare concise executive-ready status updates and performance metrics.

• Demonstrated adaptability and effectiveness during high-intensity operational periods.

Job Specific Skills

• Risk Management Framework (RMF) controls and application security - Advanced

• Cyber Security Management - Advanced

• Cloud Cyber Defense - Intermediate

• Code scanning tools - Intermediate

• Vulnerability Management and Reporting - Intermediate

• OWASP Top 10 - Intermediate

• Application Security and Development Security Requirements - Intermediate

• Adaptability and operational resilience in rotating shift environments - Intermediate

Compensation Ranges

Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.

Physical Requirements

The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

$66900 - $115,000

EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.