(689) Cybersecurity Management Specialist Level III

Job Description

Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.

Position Overview

The Cybersecurity Management Specialist Level III will support the U.S. Army Test and Evaluation Command (ATEC) as a contractor through Arlo Solutions, providing subject matter expertise and actionable leadership in supporting the Risk Management Framework (RMF) activities necessary to achieve and maintain Authorization to Operate (ATO) for Army Test and Evaluation Command (ATEC) systems. This position involves interpreting and implementing Department of Defense (DoD) regulatory compliance processes, developing and maintaining required cybersecurity plans and documentation, and acting as a primary contributor in the execution of system assessment activities, incident response, vulnerability management, and risk management. The ideal candidate independently executes all RMF steps and provides authoritative guidance to system owners and administrators throughout the ATO lifecycle.

Work Location: ( Hybrid with on-site requirements) Aberdeen Proving Ground, MD

Clearance: Active Secret clearance.

Job Responsibilities and/or Success Factors

RMF and Authorization to Operate Management

• Execute all tasks required to obtain and maintain authorizations to operate (ATO) for ATEC HQ systems, across connected, standalone, and cloud environments.
• Develop, review, and maintain artifact documentation, including policies, procedures, diagrams, hardware/software inventory, and security plans.
• Register and maintain systems in Enterprise Mission Assurance Support Service (eMASS), managing technical artifacts and documentation for all RMF steps.
• Review and interpret cybersecurity policies and procedures to assure compliance with DoD, Army, and Federal directives, including NIST SP 800-37, NIST SP 800-53, and DoD RMF.

Vulnerability Management and Incident Response

• Oversee the assessment, documentation, and risk analysis of vulnerabilities using established Army and DoD tools and processes.
• Develop, track, and update Plans of Action and Milestones (POA&Ms) for vulnerabilities, supporting remediation and risk acceptance activities as needed.
• Participate in and support security assessments, risk management, and incident response efforts in close collaboration with system administrators and security leads.

Stakeholder Communication and Support

• Provide subject matter expertise to system owners, administrators, and broader technical teams on execution and interpretation of RMF and cybersecurity requirements.
• Facilitate the preparation, review, and accurate submission of RMF artifacts, ensuring all deliverables meet timelines and quality benchmarks.
• Support and guide junior technical staff and act as a resource in compliance, documentation, and audit response activities.
• Regularly communicate status, results, and risks to government customers and leadership.

Documentation, Quality Assurance, and Compliance

• Prepare, maintain, and review all required security documentation, including risk assessments, incident reports, security plans, and compliance status deliverables.
• Ensure all documentation and reporting are accurate, complete, and delivered on schedule, supporting continuous monitoring and security posture maintenance as required by Army contracts.
• Ensure ongoing compliance with privileged access controls and maintain appropriate professional certifications as specified in DoD ⁸¹⁴⁰⁄₈₅₇₀ and Army policy.

Education and Minimum Qualifications

• Must be a U.S. Citizen
• Must have an Active Secret Clearance.
• Education/Experience:
  • No degree or any degree in a non-directly related field with technical certifications and at least 7 years of relevant experience; or
  • Bachelor’s Degree in a directly related field and at least 5 years of relevant experience.
• Relevant experience must be in Information Security or Network/System Administration, with demonstrated expertise in RMF and DoD regulatory compliance, including the ability to execute all steps of the RMF process independently.
• Demonstrated experience as a subject matter expert in developing cybersecurity plans, policies, and procedures, supporting incident response, performing security assessments, and conducting risk management activities.
• Must possess one of the following professional certifications: CAP, CASP+ CE, CISM, CISSP, or GSLC.
• Experience with vulnerability management, continuous monitoring, and supporting eMASS required.

Desired Qualifications

• Experience supporting Army or DoD cybersecurity programs, especially within the Army Test and Evaluation Command (ATEC) environment.
• Familiarity with Army, DoD, and federal cybersecurity regulatory frameworks and current best practices in compliance and information assurance.
• Demonstrated leadership or mentoring experience within technical cybersecurity teams.
• Experience briefing or advising government leadership and other stakeholders on compliance status and risk.
• Additional certifications in security management or technical areas (beyond minimum required) are a plus.

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.