Cybersecurity Tools Specialist - DOD

INNOVIM is seeking a Cybersecurity Tools Specialist to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract.

Location: Schriever, SFB, Colorado Springs, CO
Relocation Assistance: NONE
Position Closes: 3/17/26

Resumes, in month and year format, must be submitted with application in order to be considered for the position.

The candidate will:

• Leverage technical skills and knowledge to support mission-oriented cybersecurity.
• Engineer systems to function with the required security features in place.
• Conduct periodic manual and automated scans and inspections to ensure compliance with the Exercises and Risk Management Framework (RMF) accreditations issued by the MDA Authorizing Official.
• Support to Information Assurance Vulnerability Management (IAVM) reporting requirements and ensuring security patches are installed, as appropriate.
• Manage System Security Plan documentation in eMASS and update the eMASS Plan of Actions and Milestones (POA&M) IAW RMF continuous monitoring requirements.
• Periodically conduct a complete review of each system’s RMF Control Compliance Indicators (CCI) and monitor corrective actions until all actions are closed.
• Apply cybersecurity principles to provide realistic configuration management solutions designed to enhance the cybersecurity posture.
• Understand the Risk Management Framework Certification and Accreditation process.
• Be able to thoroughly document work and adhere to DoD and MDA level enterprise processes & procedures.

Basic Requirements:

• Must have 3, or more, years of general (full-time) work experience which may be reduced with completion of advanced education
• Must have 1, or more, years of directly related experience
• Must have proven hands-on experience with a Security Information and Event Management (SIEM) platform. This includes managing data ingestion, building security monitoring dashboards, and performing query-based analysis of security events.
• Must have experience with an Endpoint Detection and Response (EDR) or Endpoint Protection Platform solution (e.g., ESS (Trellix), Microsoft Defender for Endpoint).
• Perform vulnerability scans using ACAS (Tenable SecurityCenter/Nessus).
• Must have the flexibility to participate in an on-call rotation and respond to security incidents outside of standard business hours as needed.
• Must have experience with both Windows and Linux OS
• Must be compliant with DoD 8570/8140 IAT Level II at a minimum (e.g., CompTIA Security+ CE, CySA+, GSEC).
• Must have current ACAS certificate 
• Must have an active DoD Secret Security Clearance

Desired Requirements:

• Have a strong working knowledge of the DoD Risk Management Framework (RMF) lifecycle.
• Have experience with the ELK Stack (Elasticsearch, Logstash, and Kibana) or similar log aggregation and monitoring tools is highly desirable.
• Have experience applying and verifying DISA STIGs (Security Technical Implementation Guides) and familiar with Ports Protocol and Services Management (PPSM).
• Be proficient in a scripting language (e.g., Python, PowerShell, Bash) for automating administrative and security tasks.
• Have experience with virtualization platforms, particularly VMware (vSphere, ESXi), Ansible etc.

This position is expected to pay $107,400 – $120,000 annually; depending on experience, education, and any certifications that are directly related to the position.