DecisionPoint

Role Description DecisionPoint Corporation is seeking a Senior Information Assurance (IA) Specialist / FISCAM-FIAR Subject Matter Expert (SME) to support our U.S. Transportation Command (USTRANSCOM) Integrated Booking System (IBS) program. This role leads cybersecurity, compliance, and audit readiness efforts, ensuring alignment with DoD Risk Management Framework (RMF), federal financial audit requirements, and enterprise security standards. The Senior IA Specialist serves as a key advisor on FISCAM (Federal Information System Controls Audit Manual) and FIAR (Financial Improvement and Audit Remediation) requirements, ensuring systems, processes, and controls meet audit and cybersecurity expectations. This role supports mission-critical transportation and logistics systems by integrating security, compliance, and audit readiness across the system lifecycle. The ideal candidate brings deep expertise in cybersecurity compliance, RMF, and financial audit frameworks, with the ability to lead efforts across technical, functional, and audit domains. Duties & Responsibilities - Serve as the FISCAM/FIAR SME, providing leadership on audit readiness, internal controls, and compliance activities - Lead cybersecurity efforts across the IBS program, ensuring compliance with DoD RMF, NIST, and federal audit requirements - Identify, assess, and mitigate security risks, threats, and vulnerabilities across the system lifecycle - Design and enforce secure system and application practices aligned with STIGs, OWASP, and DoD security standards - Lead development and maintenance of RMF accreditation packages, including ATO, ATC, and IATT artifacts - Ensure implementation of NIST SP 800-53 security controls and integration of security into the SDLC - Conduct and oversee security assessments, audits, and control validation activities - Perform and review vulnerability scans using tools such as Fortify, ACAS, and SCAP, ensuring timely remediation - Track and manage vulnerabilities, ensuring proper documentation and closure of findings - Maintain and manage POA&Ms and support remediation tracking and reporting - Develop and maintain security documentation within eMASS or other Government systems - Support continuous monitoring activities, including automated and manual security assessments - Provide audit support, including preparation of artifacts, responses to findings, and coordination with auditors - Ensure compliance with NIST SP 800-128 and security-focused configuration management practices - Collaborate with Government, financial, and technical teams to ensure alignment between system controls and audit requirements - Provide regular security metrics, reporting, and compliance status updates to stakeholders and leadership - Support secure system design, including encryption, logging, and secure communication protocols Qualifications - Active Secret Clearance - IAT Level II certification (CompTIA Security+ CE or higher preferred) - Minimum 7+ years of experience in Information Assurance, cybersecurity, or compliance within DoD environments - Demonstrated experience with FISCAM and FIAR audit requirements and audit readiness activities - Strong knowledge of DoD RMF processes and NIST SP 800-53 security controls - Experience developing and maintaining RMF accreditation documentation (ATO, SSPs, POA&Ms, etc.) - Experience with vulnerability scanning tools (Fortify, ACAS, SCAP or similar) - Strong understanding of secure coding practices, system hardening, and security architecture - Experience supporting continuous monitoring and security assessment activities - Knowledge of NIST SP 800-128 and configuration management security practices - Ability to lead compliance efforts across technical and functional teams - Strong analytical, problem-solving, and communication skills - Ability to operate in a fast-paced, mission-driven environment Requirements - Preferred: Experience supporting USTRANSCOM or DoD transportation/logistics systems - Preferred: Experience supporting financial systems or audit sustainment environments - Preferred: Familiarity with eMASS, PPSM, and DoD authorization processes - Preferred: Experience working in AWS GovCloud or cloud-based secure environments - Preferred: Advanced certifications such as CISSP, CISA, or CISM - Preferred: Experience integrating DevSecOps security practices into CI/CD pipelines Company Description DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description DecisionPoint is seeking a DevOps Platform Engineer to join the Cloud Operations team. The team maintains AWS cloud environments, supports a DevSecOps platform, and deploys applications for the Small Application Support team. In this role, you will be responsible for designing, implementing, and maintaining our continuous integration and continuous delivery (CI/CD) pipelines using GitLab and ArgoCD. - Design, build, and maintain scalable and secure CI/CD pipelines in GitLab CI from code commit to production deployment. - Implement and manage GitOps workflows for continuous delivery to RKE2 clusters using ArgoCD, ensuring the cluster state always reflects the Git repository. - Develop and maintain automation scripts and tools to streamline the software development lifecycle, reduce manual intervention, and improve developer productivity. - Integrate security best practices and automated testing (SAST, DAST, dependency scanning) into the CI/CD pipelines to ensure code quality and security compliance. - Collaborate with the infrastructure team to manage and provision environments using IaC principles and tools like Terraform. - Act as a subject matter expert on CI/CD, providing guidance and support to development teams on best practices for building, testing, and deploying their applications. - Monitor the health and performance of the CI/CD infrastructure, troubleshoot issues, and continuously optimize pipeline efficiency and reliability. - Update and maintain the organizations DevSecOps (DSO) software, including GitLab, Grafana, RKE2, Prisma, and AWS. - Perform updates to an AWS development environment that includes GitLab and various AWS services. - Maintain SSL certificates for DevSecOps software. - Perform root cause analysis, diagnostics, and monitoring on various production and non-production cloud systems. - Provide incident response and service outage resolution for cloud systems. - Develop GitLab projects that enable software delivery, security scanning, secrets management, policy-as-code, and compliance automation. - Deploy .Net/Java applications using DevSecOps platform to all Cloud Environments. - Remediate applications scan results using DevSecOps scanning tools. - Maintain and update application secrets. - Deploy updated baseline container images within 7 days of a released update. - Monitor overall site availability, latency, and system health for applications within AWS. Qualifications - Active Secret Clearance required. - Bachelor’s degree and 3 years of experience or 8 years’ experience in a DevOps, SRE, or a similar role with a focus on CI/CD. - Expert-level knowledge of Git, including branching strategies and workflows. - Proven experience implementing and managing GitOps with ArgoCD. - Deep understanding of containerization (Docker) and Kubernetes orchestration. - Proficiency in scripting languages such as Bash, Python, or Go. - Experience with Infrastructure as Code (IaC), particularly Terraform. - DOD 8140 certification: IAT Level II or better (e.g., Security+ CE). Company Description

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description DecisionPoint Corporation is seeking an Information Security Analyst to join our team! This role will support the design and implementation of a comprehensive approach to securing government networks and applications while ensuring compliance with federal security and oversight requirements. This position is fully remote. This requisition is contingent upon additional funding. Duties & Responsibilities - Provide guidance to ensure project compliance to the United States Government Baseline (USGCB) for IT Security, taking into account agency policies, default configurations and settings, IPv6 security capabilities, and any other potential IPv6 requirements. - Provide technical expertise of computer security laws, mandates, standards and policies in accordance with the Federal Information Security Management Act (FISMA) as amended, National Institute of Standards and Technology (NIST) Special Publications (SPs), Office of Management and Budget mandates, the Department of the Treasury policies for information security requirements and Federal Risk Management Program (FedRAMP) authorization process. - Utilize technical expertise of computer theories, principles, practices and industry standards to complete computer security related functions that include certification and accreditation of government information and telecommunications system, IT disaster recovery and business continuity planning, and risk management activities. - Represent the project in internal and external meetings, working groups, and integrated project teams to provide IT security compliance requirements. - Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth. - Participate in internal security and compliance program and track recurring controls. - Help support customer security reviews, RFPs and external security and privacy inquiries. - Help support internal/external audits and evidence collection. - Document new and update existing policies, procedures, standards and resources. - Participate in Security awareness program, train personnel on data security & privacy related processes and responsibilities. - Participate in defining, collecting and tracking various Security Metrics. - Support vendor management, including vendor risk assessments and security reviews. - Ability to prioritize in a highly dynamic work environment. Qualifications - Ability to obtain a Public Trust and EOD. - Bachelor and three (3) years' or Master and (2) years' experience. - Three (3) years of experience working in information security or compliance, NIST, FISMA, ATO experience. - Technical understanding of IPv6 security requirements and associated network protocols. - Expert-level knowledge of Zscaler security solutions and their implementation in enterprise environments. - Ability to work closely with cross-functional stakeholders. - Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers. Desired Skills & Abilities - Work experience with ISO 27001 compliance standard. - Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness & training, BC/DRP, etc. - Ability to balance risk, potential impact, resourcing, business drivers, and timelines. - Advanced degree in computer science, information technology or Information security. - Ability to prioritize in a highly dynamic work environment. Our Equal Employment Opportunity Policy DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws. Pay Transparency Policy In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. Authorization to Share Resume and Personal Information By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.