Sr. Information Assurance Security Specialist

Who We Are : Oasys International, LLC (Oasys) is a rapidly expanding firm that has been recognized on Inc. 5000 magazine's list of the fastest-growing companies for five consecutive years. We are a dynamic organization dedicated to providing world-class technology consulting services through our team of expert technologists, consultants, engineers, and subject matter experts. At Oasys, we prioritize continuous learning, a healthy work-life balance, and a collaborative work environment. Our culture is merit-based, recognizing and rewarding performance and fostering a supportive and social atmosphere.

Position Summary :

Oasys is seeking a Sr. Information Assurance Security Specialist to support the United States Coast Guard (USCG) at the Aviation Logistics Center (ALC)-Information Systems Division (ISD). The Sr. Information Assurance Security Specialist will focus on maintaining system authorization through RMF execution, vulnerability management, risk assessments, and compliance assurance aligned with DHS 4300A, FISMA, and NIST 800-53 guidelines.

The ideal candidate will serve as a technical subject matter expert in cybersecurity assurance, supporting the ongoing protection and accreditation of enterprise systems through ATO sustainment, audit preparation, and continuous control validation.

Primary Responsibilities :

• Execute and support the Risk Management Framework (RMF) lifecycle including system categorization, control selection, implementation, assessment, and authorization.
• Develop, maintain, and validate System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans (CPs), and related compliance documentation.
• Conduct and lead vulnerability assessments, leveraging tools such as Nessus, ACAS, and Fortify to identify and prioritize remediation efforts.
• Perform continuous monitoring of security controls and produce metrics, dashboards, and evidence in support of ATO renewals and sustainment.
• Analyze and respond to security incidents, working with SOC personnel and SIEM tools to evaluate logs, investigate events, and contain potential threats.
• Conduct internal audits and risk assessments to validate the effectiveness of implemented controls and identify compliance gaps.
• Provide security guidance to engineering and development teams, ensuring adherence to cybersecurity standards in a DevSecOps environment.
• Stay informed of evolving threats, vulnerabilities, and regulatory changes to proactively enhance security postures.
• Coordinate with Security Control Assessors (SCAs), ISSOs, system owners, and federal stakeholders on audit readiness and policy compliance.
• Draft and enforce cybersecurity policies, SOPs, and standards that support mission-critical systems across hybrid environments.
• All other duties as assigned by management.

Skills / Qualifications :

Education / Experience Requirements :

Clearance :

Certification Requirement

Work Location :

Oasys is proud to be an equal opportunity employer for all protected groups, including protected veterans and individuals with disabilities.