Overview of role:  

TM3 Solutions is seeking experienced Specialists, Information System Security III (SISS3) to join our team. In this senior-level role, you will lead information system security initiatives for DoD and federal clients by overseeing assessments, ensuring compliance, and managing risk using advanced tools. As an Information System Security Specialist III, you will secure complex systems, develop documentation, and guide accreditation processes in high-stakes regulated environments. This position requires extensive practical experience in cybersecurity-related fields. Candidates must hold an active Secret-level security clearance, with potential for higher classifications based on project needs. 

Role and Responsibilities 

The Specialist, Information System Security III (SISS3) leads advanced information system security efforts, including comprehensive assessments, compliance management, and utilization of tools like eMASS and ACAS. This role emphasizes leadership in accreditation and authorization (A&A) processes, in-depth risk analysis, and strategic collaboration to uphold DoD regulations and protect critical systems and data. Key responsibilities include:  

• Lead security assessments and audits using tools such as DISA eMASS and ACAS to identify vulnerabilities, evaluate controls, and ensure robust compliance with DoD standards and frameworks. 

• Develop and oversee security documentation, including System Security Plans (SSPs), risk assessments, and Plans of Action and Milestones (POA&Ms), to drive accreditation and authorization processes. 

• Ensure comprehensive adherence to DoD 8570.1M and related cybersecurity policies by designing, implementing, and monitoring advanced controls and continuous improvement strategies. 

• Collaborate with cross-functional teams in cybersecurity, engineering, test and evaluation (T&E), and A&A to integrate security practices into system lifecycles, resolving complex issues and optimizing security postures. 

• Conduct advanced risk management activities, analyzing threats, vulnerabilities, and impacts to formulate strategic mitigation plans and enhance overall system resilience. 

• Direct incident response efforts, leveraging assurance tools to investigate breaches, coordinate containment, and implement preventive measures for long-term security. 

• Maintain expert proficiency with information assurance tools and processes, applying them to high-level security tasks, reporting, and organizational process enhancements. 

• Oversee compliance reviews, audits, and certification efforts, serving as a key liaison with stakeholders and auditors to address findings and secure timely authorizations. 

• Mentor and train junior and mid-level staff on security tools, best practices, compliance requirements, and advanced methodologies, including Full Security Control Assessor qualifications if required. 

• Provide senior expertise to proposal and business development by contributing in-depth security insights for RFPs, including technical strategies, risk evaluations, and compliance planning for contracts. 

Qualifications and Education Requirements 

• Must be US Citizen 

• Education: College degree in a technical or managerial related discipline; note: a high school diploma or HS equivalency certificate is acceptable with additional years of experience as defined in the experience category. 

• Experience: Greater than five (5) years of practical experience in cybersecurity, engineering, test and evaluation (T&E), or accreditation and authorization (A&A, formerly C&A) related fields, including hands-on work with information assurance tools such as DISA eMASS and ACAS; may be required to hold a Full Security Control Assessor qualification. Without a college degree, greater than seven (7) years of experience is required. 

• Security Clearance: Active Secret clearance required; Top Secret or higher preferred depending on project classification. 

• Other Skills: Advanced analytical and leadership skills; high proficiency with security tools like eMASS and ACAS; excellent communication for strategic reporting and stakeholder engagement; ability to lead in classified, fast-paced environments with potential travel. 

REQUIRED CERTIFICATIONS:  

To meet the requirements of this senior role and comply with DoD standards, candidates must possess the following certification, which demonstrates expertise in information assurance management: 

• Cyber Security Workforce Framework (CSWF) Requirements: Information Assurance Management (IAM) Level II certification per DoD 8570.1M (e.g., CompTIA Security+, Certified Authorization Professional (CAP), or equivalent). 

• Preferred Additional Certifications: While not mandatory, certifications such as Certified Information Systems Security Professional (CISSP), GIAC Security Leadership Certification (GSLC), or Certified Risk and Information Systems Control (CRISC) are highly desirable to showcase advanced knowledge in security and compliance.