Home › Companies › BD1EA60AEEB10C351C9D11F5ACCAE8B8 › Control Validation Security Specialist Senior (59833)
Control Validation Security Specialist Senior (59833)
BD1EA60AEEB10C351C9D11F5ACCAE8B8 · REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA · Remote · Active · Paycom ATS
Job facts
| Field | Value |
|---|---|
| Company | BD1EA60AEEB10C351C9D11F5ACCAE8B8 |
| Title | Control Validation Security Specialist Senior (59833) |
| Normalized title | - |
| Department / team | Professional Services |
| Location | VA, United States |
| Work model | Remote / Remote |
| Employment type | Full Time |
| Salary | - |
| Status | active |
| ATS provider | Paycom ATS |
| Posted / first seen | 2026-03-05 / 2026-05-31 |
| Changed / last seen | 2026-05-31 / 2026-06-06 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from BD1EA60AEEB10C351C9D11F5ACCAE8B8. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Paycom ATS. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| Department jobs | Active postings in Professional Services. | Open |
| Work model jobs | Active Remote postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | BD1EA60AEEB10C351C9D11F5ACCAE8B8 |
| Source | 7262a4a5-72a6-432d-ab32-df72cb1cd3a3 |
| ATS provider | Paycom ATS |
Description
Description
BMA is seeking a Control Validation Security Specialist – Senior to support the DLA JETS Cybersecurity Policy and Oversight Support Services (CPOSS) program. This is a fully remote position and contingent on contract award.
Job Summary
BMA is seeking a Control Validation Security Specialist – Senior to support our DLA Cybersecurity Policy and Oversight Support Services (CPOSS) contract. The position provides advanced cybersecurity assessment and validation support to the CPOSS program supporting DLA’s J6/J611 Cybersecurity Directorate. The specialist independently conducts information system security control validation, RMF authorization package reviews, and enterprise cybersecurity assessments across DLA systems, networks, applications, and enclaves. This role ensures cybersecurity controls are properly implemented, operating effectively, and compliant with Federal, DoD, and DLA cybersecurity policies. The specialist performs technical evaluations of cybersecurity posture, analyzes system risks, validates mitigation strategies, and provides recommendations to strengthen enterprise security while balancing operational mission requirements. Working in support of the Security Control Assessor (SCA) Representative Team, the position contributes to enterprise RMF authorization oversight, continuous monitoring verification, and cybersecurity policy compliance activities across classified and unclassified environments.
Key Responsibilities
Cybersecurity Control Validation and IT Audit Support: Independently perform information system security control validation and IT audit activities across complex information systems, applications, networks, and enclaves. Verify that cybersecurity controls are properly implemented, configured correctly, and operating in accordance with federal and DoD cybersecurity requirements. Conduct cybersecurity assessments to determine whether implemented controls effectively protect systems from unauthorized access, misuse, or destruction. Validate compliance with cybersecurity policies and standards applicable to DLA enterprise systems.
RMF Authorization and Security Assessment Support: Support the enterprise RMF authorization process in accordance with DoDI 8510.01 RMF for DoD IT. Perform technical reviews of RMF authorization packages, supporting documentation, and system security artifacts. Analyze residual risk and determine whether implemented security controls satisfy security requirements and authorization standards. Assist in preparing security assessment reports and authorization recommendations for review by the Security Control Assessor and Authorizing Official.
Continuous Monitoring and Vulnerability Analysis: Conduct cybersecurity control validation exercises on classified and unclassified systems to verify the effectiveness of implemented security measures. Perform vulnerability assessments and analyze security weaknesses to identify potential threats to enterprise systems. Evaluate remediation activities and mitigation strategies to determine whether corrective actions adequately address security findings. Support enterprise continuous monitoring initiatives and cybersecurity risk analysis.
Security Analysis and Technical Evaluation: Perform technical evaluations of customer systems to identify security weaknesses and recommend improvements to strengthen cybersecurity posture. Analyze network security configurations and system architectures to verify secure implementation of cybersecurity controls. Provide recommendations for improving cybersecurity controls, risk mitigation strategies, and security implementation practices. Balance mission requirements with cybersecurity controls by evaluating operational needs against risk considerations.
Documentation, Reporting, and Coordination: Document findings from security control assessments, audits, and validation activities in formal reports and assessment summaries. Prepare technical documentation and supporting evidence to support RMF reviews and cybersecurity compliance activities. Coordinate with program managers, system managers, and Information System Security Managers to resolve cybersecurity issues and improve security compliance. Participate in cybersecurity working groups, technical reviews, and enterprise cybersecurity coordination meetings.
Clearance Requirements
There is a Secret Security clearance requirement for this position.
Required Skills & Certifications
Current DoD 8670.01/8140 IAM Level III certification that includes one or more of the following: ISACA CISM, ISC2 Certified Information Systems Security Professional (CISSP), GIAC/SANS GIAS Security Leadership Certification (GSLC), or EC-Council Certified Chief Information Security Officer (CCISO).
3+ years of experience working with DoD cybersecurity policy such as DoD 8500-series or NIST SP 800-53, with strong understanding of Risk Management Framework (RMF) principles and processes.
2+ years of experience using Enterprise Mission Assurance Support Service (eMASS) to support RMF authorization activities and security documentation tracking.
Demonstrated ability to perform independent IT audits and security control validation across complex enterprise environments.
Strong analytical and problem-solving skills with the ability to identify cybersecurity vulnerabilities and recommend appropriate mitigations.
Proficiency with Microsoft Office tools, including Excel, Access, Word, and PowerPoint, for cybersecurity analysis and reporting.
Strong knowledge of network architecture and network security implementation.
Strong written and oral communication skills capable of supporting executive-level briefings.
Ability to balance mission objectives with cybersecurity risk management.
Must be eligible for IT-II designation upon assignment.
Desired Skills & Certifications
Experience supporting DoD or DLA program offices.
Experience supporting DoD DLA environments.
Experience leading enterprise-level cyber modernization initiatives.
Familiarity with DLA-specific cybersecurity governance frameworks.
Current Project Management Professional (PMP) certification.
Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society (RIMS) Certified Risk Management Professional (RIMS-CRMP).
Other Duties
Able to travel within a week's notice.
This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.
Duties, responsibilities, and activities may change at any time with or without notice.
Overview
BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.
Benefits
We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.
AAP & EEO Statement
Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.
Full job record
| Job ID | 9fabb5286f6d814513ea1dca53483ddd6811304e |
| Org ID | e8a572cb-75af-4a74-801d-c4b032cd9504 |
| Source ID | 7262a4a5-72a6-432d-ab32-df72cb1cd3a3 |
| Board ID | 7262a4a5-72a6-432d-ab32-df72cb1cd3a3 |
| Provider | paycom |
| Provider Job Key | 311259 |
| Title | Control Validation Security Specialist Senior (59833) |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA |
| Department | Professional Services |
| Team | — |
| Employment Type | full_time |
| Workplace Type | remote |
| Remote Policy | remote |
| Country | United States |
| Region | VA |
| City | — |
| Salary Raw | Description BMA is seeking a Control Validation Security Specialist – Senior to support the DLA JETS Cybersecurity Policy and Oversight Support Services (CPOSS) program. This is a fully remote position and contingent on contract award. Job Summary BMA is seeking a Control Validation Security Specialist – Senior to support our DLA Cybersecurity Policy and Oversight Support Services (CPOSS) contract. The position provides advanced cybersecurity assessment and validation support to the CPOSS program supporting DLA’s J6/J611 Cybersecurity Directorate. The specialist independently conducts information system security control validation, RMF authorization package reviews, and enterprise cybersecurity assessments across DLA systems, networks, applications, and enclaves. This role ensures cybersecurity controls are properly implemented, operating effectively, and compliant with Federal, DoD, and DLA cybersecurity policies. The specialist performs technical evaluations of cybersecurity posture, analyzes system risks, validates mitigation strategies, and provides recommendations to strengthen enterprise security while balancing operational mission requirements. Working in support of the Security Control Assessor (SCA) Representative Team, the position contributes to enterprise RMF authorization oversight, continuous monitoring verification, and cybersecurity policy compliance activities across classified and unclassified environments. Key Responsibilities Cybersecurity Control Validation and IT Audit Support: Independently perform information system security control validation and IT audit activities across complex information systems, applications, networks, and enclaves. Verify that cybersecurity controls are properly implemented, configured correctly, and operating in accordance with federal and DoD cybersecurity requirements. Conduct cybersecurity assessments to determine whether implemented controls effectively protect systems from unauthorized access, misuse, or destruction. Validate compliance with cybersecurity policies and standards applicable to DLA enterprise systems. RMF Authorization and Security Assessment Support: Support the enterprise RMF authorization process in accordance with DoDI 8510.01 RMF for DoD IT. Perform technical reviews of RMF authorization packages, supporting documentation, and system security artifacts. Analyze residual risk and determine whether implemented security controls satisfy security requirements and authorization standards. Assist in preparing security assessment reports and authorization recommendations for review by the Security Control Assessor and Authorizing Official. Continuous Monitoring and Vulnerability Analysis: Conduct cybersecurity control validation exercises on classified and unclassified systems to verify the effectiveness of implemented security measures. Perform vulnerability assessments and analyze security weaknesses to identify potential threats to enterprise systems. Evaluate remediation activities and mitigation strategies to determine whether corrective actions adequately address security findings. Support enterprise continuous monitoring initiatives and cybersecurity risk analysis. Security Analysis and Technical Evaluation: Perform technical evaluations of customer systems to identify security weaknesses and recommend improvements to strengthen cybersecurity posture. Analyze network security configurations and system architectures to verify secure implementation of cybersecurity controls. Provide recommendations for improving cybersecurity controls, risk mitigation strategies, and security implementation practices. Balance mission requirements with cybersecurity controls by evaluating operational needs against risk considerations. Documentation, Reporting, and Coordination: Document findings from security control assessments, audits, and validation activities in formal reports and assessment summaries. Prepare technical documentation and supporting evidence to support RMF reviews and cybersecurity compliance activities. Coordinate with program managers, system managers, and Information System Security Managers to resolve cybersecurity issues and improve security compliance. Participate in cybersecurity working groups, technical reviews, and enterprise cybersecurity coordination meetings. Clearance Requirements There is a Secret Security clearance requirement for this position. Required Skills & Certifications Current DoD 8670.01/8140 IAM Level III certification that includes one or more of the following: ISACA CISM, ISC2 Certified Information Systems Security Professional (CISSP), GIAC/SANS GIAS Security Leadership Certification (GSLC), or EC-Council Certified Chief Information Security Officer (CCISO). 3+ years of experience working with DoD cybersecurity policy such as DoD 8500-series or NIST SP 800-53, with strong understanding of Risk Management Framework (RMF) principles and processes. 2+ years of experience using Enterprise Mission Assurance Support Service (eMASS) to support RMF authorization activities and security documentation tracking. Demonstrated ability to perform independent IT audits and security control validation across complex enterprise environments. Strong analytical and problem-solving skills with the ability to identify cybersecurity vulnerabilities and recommend appropriate mitigations. Proficiency with Microsoft Office tools, including Excel, Access, Word, and PowerPoint, for cybersecurity analysis and reporting. Strong knowledge of network architecture and network security implementation. Strong written and oral communication skills capable of supporting executive-level briefings. Ability to balance mission objectives with cybersecurity risk management. Must be eligible for IT-II designation upon assignment. Desired Skills & Certifications Experience supporting DoD or DLA program offices. Experience supporting DoD DLA environments. Experience leading enterprise-level cyber modernization initiatives. Familiarity with DLA-specific cybersecurity governance frameworks. Current Project Management Professional (PMP) certification. Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society (RIMS) Certified Risk Management Professional (RIMS-CRMP). Other Duties Able to travel within a week's notice. This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. Overview BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country. Benefits We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. AAP & EEO Statement Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law. |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | week |
| Source URL | https://www.paycomonline.net/v4/ats/web.php/jobs/ViewJobDetails?job=311259&clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8 |
| Apply URL | https://www.paycomonline.net/v4/ats/web.php/jobs/ViewJobDetails?job=311259&clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8 |
| First Seen At | 2026-05-31 19:06:22Z |
| Last Seen At | 2026-06-06 09:54:32Z |
| Last Checked At | 2026-06-06 09:54:32Z |
| Last Changed At | 2026-05-31 19:06:22Z |
| Inactive At | — |
| Source Posted At | 2026-03-05 00:00:00Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=paycom/board=BD1EA60AEEB10C351C9D11F5ACCAE8B8/date=2026-06-06/2026-06-06T09-54-30-911Z-08cd82c2529cf77aaa55d1a7bc8ead4a537d3a19986febc3cdce99f22689fe7e.json |
Event Fields
{
"content_hash": "1645629a812e2b83fbdbd27a3ffc66089ea609d5316b1befd1487e70f98ae1c9",
"source_hash": "24fa8f8fab77d3c8ab3da0043bd351bae3ec87300a7d5cfb841fbba1631e762d",
"last_changed_at": "2026-05-31T19:06:22.044Z",
"active_status": "active"
}Parsed Structured
{
"language": "en",
"location": {
"raw": "REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA",
"city": null,
"region": "VA",
"country": "United States",
"is_remote": true,
"confidence": 0.8
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-06T09:54:32.595Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA",
"city": null,
"region": "VA",
"country": "United States",
"is_remote": true,
"confidence": 0.8
},
"countries": [
"United States"
]
},
"remote_policy": "remote",
"salary_period": "week",
"workplace_type": "remote",
"salary_currency": null
}Extensions
{}Native Structured
{
"detail": {
"city": "Remote",
"jobId": 311259,
"level": "Senior",
"endDate": "",
"legalId": 4330,
"isHotJob": false,
"jobShift": "Day",
"jobTitle": "Control Validation Security Specialist Senior (59833)",
"location": "REMOTE (United States) - Remote, VA 22211",
"startDate": "",
"clientCode": "0QS68",
"remoteType": "Fully Remote",
"description": "<p style=\"margin-bottom: 11px; text-align: center;\"><span style=\"display:block;font-size:16px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\">BMA is seeking a </span><span style=\"color:black\"><strong>Control Validation Security Specialist – Senior</strong> </span><span style=\"line-height:115%\">to support the DLA JETS </span><span style=\"color:black\">Cybersecurity Policy and Oversight Support Services (CPOSS)</span><span style=\"line-height:115%\"> program. This is a fully<b> remote </b>position and <b>contingent</b> on contract award. </span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"> </p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>Job Summary </b></span></span></span></p>\r\n\r\n<p data-end=\"1224\" data-start=\"0\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">BMA is seeking a Control Validation Security Specialist – Senior to support our DLA Cybersecurity Policy and Oversight Support Services (CPOSS) contract. The position provides advanced cybersecurity assessment and validation support to the CPOSS program supporting DLA’s J6/J611 Cybersecurity Directorate. The specialist independently conducts information system security control validation, RMF authorization package reviews, and enterprise cybersecurity assessments across DLA systems, networks, applications, and enclaves. This role ensures cybersecurity controls are properly implemented, operating effectively, and compliant with Federal, DoD, and DLA cybersecurity policies. The specialist performs technical evaluations of cybersecurity posture, analyzes system risks, validates mitigation strategies, and provides recommendations to strengthen enterprise security while balancing operational mission requirements. Working in support of the Security Control Assessor (SCA) Representative Team, the position contributes to enterprise RMF authorization oversight, continuous monitoring verification, and cybersecurity policy compliance activities across classified and unclassified environments.</span></span></p>\r\n\r\n<p data-end=\"1250\" data-start=\"1226\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong data-end=\"1250\" data-start=\"1226\">Key Responsibilities</strong></span></span></p>\r\n\r\n<ol data-end=\"4145\" data-is-last-node=\"\" data-is-only-node=\"\" data-start=\"1252\">\r\n\t<li data-end=\"1894\" data-start=\"1252\">\r\n\t<p data-end=\"1894\" data-start=\"1255\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong data-end=\"1313\" data-start=\"1255\">Cybersecurity Control Validation and IT Audit Support:</strong> Independently perform information system security control validation and IT audit activities across complex information systems, applications, networks, and enclaves. Verify that cybersecurity controls are properly implemented, configured correctly, and operating in accordance with federal and DoD cybersecurity requirements. Conduct cybersecurity assessments to determine whether implemented controls effectively protect systems from unauthorized access, misuse, or destruction. Validate compliance with cybersecurity policies and standards applicable to DLA enterprise systems.</span></span></p>\r\n\t</li>\r\n\t<li data-end=\"2449\" data-start=\"1896\">\r\n\t<p data-end=\"2449\" data-start=\"1899\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong data-end=\"1953\" data-start=\"1899\">RMF Authorization and Security Assessment Support:</strong> Support the enterprise RMF authorization process in accordance with DoDI 8510.01 RMF for DoD IT. Perform technical reviews of RMF authorization packages, supporting documentation, and system security artifacts. Analyze residual risk and determine whether implemented security controls satisfy security requirements and authorization standards. Assist in preparing security assessment reports and authorization recommendations for review by the Security Control Assessor and Authorizing Official.</span></span></p>\r\n\t</li>\r\n\t<li data-end=\"3000\" data-start=\"2451\">\r\n\t<p data-end=\"3000\" data-start=\"2454\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong data-end=\"2507\" data-start=\"2454\">Continuous Monitoring and Vulnerability Analysis:</strong> Conduct cybersecurity control validation exercises on classified and unclassified systems to verify the effectiveness of implemented security measures. Perform vulnerability assessments and analyze security weaknesses to identify potential threats to enterprise systems. Evaluate remediation activities and mitigation strategies to determine whether corrective actions adequately address security findings. Support enterprise continuous monitoring initiatives and cybersecurity risk analysis.</span></span></p>\r\n\t</li>\r\n\t<li data-end=\"3569\" data-start=\"3002\">\r\n\t<p data-end=\"3569\" data-start=\"3005\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong data-end=\"3052\" data-start=\"3005\">Security Analysis and Technical Evaluation:</strong> Perform technical evaluations of customer systems to identify security weaknesses and recommend improvements to strengthen cybersecurity posture. Analyze network security configurations and system architectures to verify secure implementation of cybersecurity controls. Provide recommendations for improving cybersecurity controls, risk mitigation strategies, and security implementation practices. Balance mission requirements with cybersecurity controls by evaluating operational needs against risk considerations.</span></span></p>\r\n\t</li>\r\n\t<li data-end=\"4145\" data-is-last-node=\"\" data-start=\"3571\">\r\n\t<p data-end=\"4145\" data-is-last-node=\"\" data-start=\"3574\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong data-end=\"3621\" data-start=\"3574\">Documentation, Reporting, and Coordination:</strong> Document findings from security control assessments, audits, and validation activities in formal reports and assessment summaries. Prepare technical documentation and supporting evidence to support RMF reviews and cybersecurity compliance activities. Coordinate with program managers, system managers, and Information System Security Managers to resolve cybersecurity issues and improve security compliance. Participate in cybersecurity working groups, technical reviews, and enterprise cybersecurity coordination meetings.</span></span></p>\r\n\t</li>\r\n</ol>\r\n\r\n<p style=\"margin-bottom:11px\"> </p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>Clearance Requirements </b></span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\">There is a<b> Secret </b>Security clearance requirement for this position. </span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"> </p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>Required Skills & Certifications </b></span></span></span></p>\r\n\r\n<ul>\r\n\t<li data-end=\"299\" data-start=\"0\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Current DoD 8670.01/8140 IAM Level III certification that includes one or more of the following: ISACA CISM, ISC2 Certified Information Systems Security Professional (CISSP), GIAC/SANS GIAS Security Leadership Certification (GSLC), or EC-Council Certified Chief Information Security Officer (CCISO).</span></span></li>\r\n\t<li data-end=\"491\" data-start=\"301\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">3+ years of experience working with DoD cybersecurity policy such as DoD 8500-series or NIST SP 800-53, with strong understanding of Risk Management Framework (RMF) principles and processes.</span></span></li>\r\n\t<li data-end=\"651\" data-start=\"493\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">2+ years of experience using Enterprise Mission Assurance Support Service (eMASS) to support RMF authorization activities and security documentation tracking.</span></span></li>\r\n\t<li data-end=\"778\" data-start=\"653\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Demonstrated ability to perform independent IT audits and security control validation across complex enterprise environments.</span></span></li>\r\n\t<li data-end=\"922\" data-start=\"780\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Strong analytical and problem-solving skills with the ability to identify cybersecurity vulnerabilities and recommend appropriate mitigations.</span></span></li>\r\n\t<li data-end=\"1053\" data-start=\"924\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Proficiency with Microsoft Office tools, including Excel, Access, Word, and PowerPoint, for cybersecurity analysis and reporting.</span></span></li>\r\n\t<li data-end=\"1132\" data-start=\"1055\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Strong knowledge of network architecture and network security implementation.</span></span></li>\r\n\t<li data-end=\"1227\" data-start=\"1134\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Strong written and oral communication skills capable of supporting executive-level briefings.</span></span></li>\r\n\t<li data-end=\"1302\" data-start=\"1229\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Ability to balance mission objectives with cybersecurity risk management.</span></span></li>\r\n\t<li data-end=\"1359\" data-is-last-node=\"\" data-is-only-node=\"\" data-start=\"1304\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Must be eligible for IT-II designation upon assignment.</span></span></li>\r\n</ul>\r\n\r\n<p data-end=\"1359\" data-is-last-node=\"\" data-is-only-node=\"\" data-start=\"1304\"> </p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>Desired Skills & Certifications </b></span></span></span></p>\r\n\r\n<ul>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Experience supporting DoD or DLA program offices.</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Experience supporting DoD DLA environments.</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Experience leading enterprise-level cyber modernization initiatives.</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with DLA-specific cybersecurity governance frameworks.</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Current Project Management Professional (PMP) certification.</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society (RIMS) Certified Risk Management Professional (RIMS-CRMP).</span></span></li>\r\n</ul>\r\n\r\n<p style=\"margin-bottom:11px\"> </p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>Other Duties</b></span></span></span></p>\r\n\r\n<ul>\r\n\t<li style=\"margin-bottom: 11px;\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\">Able to travel within a week's notice.</span></span></span></li>\r\n\t<li style=\"margin-bottom: 11px;\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\">This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. </span></span></span></li>\r\n\t<li style=\"margin-bottom: 11px;\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\">Duties, responsibilities, and activities may change at any time with or without notice. </span></span></span></li>\r\n</ul>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"> </span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>Overview</b></span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\">BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.</span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"> </span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>Benefits</b></span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\">We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. </span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"> </span></span></span></p>\r\n\r\n<p style=\"margin-bottom:11px\"><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"line-height:115%\"><b>AAP & EEO Statement</b><br />\r\n Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law. </span></span></span></p>\r\n",
"jobCategory": "Professional Services",
"salaryRange": "",
"socialMedia": {
"xLink": null,
"emailLink": {
"subject": "Bma%20Technical%20Services%20Inc%20Job%20Opportunity%20Control%20Validation%20Security%20Specialist%20Senior%20%2859833%29",
"summary": "BMA%20is%20seeking%20a%C2Control%20Validation%20Security%20Specialist%20%E2%80%93%20Senior%C2to%20support%20the%C2DLA%20JETS%20Cybersecurity%20Policy%20and%20Oversight%20Support%20Services%20%28CPOSS%29%20program.%20This%20is%20a%20fully%20remote%20position%20and%20contingent%20on%20contract%20award.%20%0D%0A%0D%0A%C2%0D%0A%0D%0AJob%20Summary%C2%0D%0A%0D%0ABMA%20is%20seeking%20a%20Control%20Validation%20Security%20Specialist%20%E2%80%93%20Senior%20to%20support%20our%20DLA%20Cybersecurity%20Policy%20and%20Oversight%20Support%20Services%20%28CPOSS%29%20contract.%20The%20position%20provides%20advanced%20cybersecurity%20assessment%20and%20validation%20support%20to%20the%20CPOSS%20program%20supporting%20DLA%E2%80%99s%20J6%2FJ611%20Cybersecurity%20Directorate.%20The%20specialist%20independently%20conducts%20information%20system%20security%20control%20validation%2C%20RMF%20authorization%20package%20reviews%2C%20and%20enterprise%20cybersecurity%20assessments%20across%20DLA%20systems%2C%20networks%2C%20applications%2C%20and%20enclaves.%20This%20role%20ensures%20cybersecurity%20controls%20are%20properly%20implemented%2C%20operating%20effectively%2C%20and%20compliant%20with%20Federal%2C%20DoD%2C%20and%20DLA%20cybersecurity%20policies.%20The%20specialist%20performs%20technical%20evaluations%20of%20cybersecurity..."
},
"facebookLink": {
"redirectUri": "",
"facebookAppId": "773759036043100"
},
"linkedInLink": {}
},
"isQuickApply": false,
"positionType": "Full Time",
"countryPaidIn": "",
"googleJobJson": "{\"@context\":\"https://schema.org/\",\"@type\":\"JobPosting\",\"title\":\"Control Validation Security Specialist Senior (59833)\",\"identifier\":\"J0QS68311259\",\"url\":\"https://www.paycomonline.net/v4/ats/web.php/portal/BD1EA60AEEB10C351C9D11F5ACCAE8B8/jobs/311259\",\"image\":\"https://www.paycomonline.net/v4/ats/web.php/application/style/logo?clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8\",\"datePosted\":\"2026-03-05\",\"description\":\"Job DetailsLevel: SeniorJob Location: REMOTE (United States) - Remote, VA 22211Position Type: Full TimeEducation Level: Not SpecifiedTravel Percentage: Occasionally Job Shift: DayJob Category: Professional ServicesBMA is seeking a Control Validation Security Specialist – Senior to support the DLA JETS Cybersecurity Policy and Oversight Support Services (CPOSS) program. This is a fully remote position and contingent on contract award. \\r\\n\\r\\n \\r\\n\\r\\nJob Summary \\r\\n\\r\\nBMA is seeking a Control Validation Security Specialist – Senior to support our DLA Cybersecurity Policy and Oversight Support Services (CPOSS) contract. The position provides advanced cybersecurity assessment and validation support to the CPOSS program supporting DLA’s J6/J611 Cybersecurity Directorate. The specialist independently conducts information system security control validation, RMF authorization package reviews, and enterprise cybersecurity assessments across DLA systems, networks, applications, and enclaves. This role ensures cybersecurity controls are properly implemented, operating effectively, and compliant with Federal, DoD, and DLA cybersecurity policies. The specialist performs technical evaluations of cybersecurity posture, analyzes system risks, validates mitigation strategies, and provides recommendations to strengthen enterprise security while balancing operational mission requirements. Working in support of the Security Control Assessor (SCA) Representative Team, the position contributes to enterprise RMF authorization oversight, continuous monitoring verification, and cybersecurity policy compliance activities across classified and unclassified environments.\\r\\n\\r\\nKey Responsibilities\\r\\n\\r\\n\\r\\n\\t\\r\\n\\tCybersecurity Control Validation and IT Audit Support: Independently perform information system security control validation and IT audit activities across complex information systems, applications, networks, and enclaves. Verify that cybersecurity controls are properly implemented, configured correctly, and operating in accordance with federal and DoD cybersecurity requirements. Conduct cybersecurity assessments to determine whether implemented controls effectively protect systems from unauthorized access, misuse, or destruction. Validate compliance with cybersecurity policies and standards applicable to DLA enterprise systems.\\r\\n\\t\\r\\n\\t\\r\\n\\tRMF Authorization and Security Assessment Support: Support the enterprise RMF authorization process in accordance with DoDI 8510.01 RMF for DoD IT. Perform technical reviews of RMF authorization packages, supporting documentation, and system security artifacts. Analyze residual risk and determine whether implemented security controls satisfy security requirements and authorization standards. Assist in preparing security assessment reports and authorization recommendations for review by the Security Control Assessor and Authorizing Official.\\r\\n\\t\\r\\n\\t\\r\\n\\tContinuous Monitoring and Vulnerability Analysis: Conduct cybersecurity control validation exercises on classified and unclassified systems to verify the effectiveness of implemented security measures. Perform vulnerability assessments and analyze security weaknesses to identify potential threats to enterprise systems. Evaluate remediation activities and mitigation strategies to determine whether corrective actions adequately address security findings. Support enterprise continuous monitoring initiatives and cybersecurity risk analysis.\\r\\n\\t\\r\\n\\t\\r\\n\\tSecurity Analysis and Technical Evaluation: Perform technical evaluations of customer systems to identify security weaknesses and recommend improvements to strengthen cybersecurity posture. Analyze network security configurations and system architectures to verify secure implementation of cybersecurity controls. Provide recommendations for improving cybersecurity controls, risk mitigation strategies, and security implementation practices. Balance mission requirements with cybersecurity controls by evaluating operational needs against risk considerations.\\r\\n\\t\\r\\n\\t\\r\\n\\tDocumentation, Reporting, and Coordination: Document findings from security control assessments, audits, and validation activities in formal reports and assessment summaries. Prepare technical documentation and supporting evidence to support RMF reviews and cybersecurity compliance activities. Coordinate with program managers, system managers, and Information System Security Managers to resolve cybersecurity issues and improve security compliance. Participate in cybersecurity working groups, technical reviews, and enterprise cybersecurity coordination meetings.\\r\\n\\t\\r\\n\\r\\n\\r\\n \\r\\n\\r\\nClearance Requirements \\r\\n\\r\\nThere is a Secret Security clearance requirement for this position. \\r\\n\\r\\n \\r\\n\\r\\nRequired Skills & Certifications \\r\\n\\r\\n\\r\\n\\tCurrent DoD 8670.01/8140 IAM Level III certification that includes one or more of the following: ISACA CISM, ISC2 Certified Information Systems Security Professional (CISSP), GIAC/SANS GIAS Security Leadership Certification (GSLC), or EC-Council Certified Chief Information Security Officer (CCISO).\\r\\n\\t3+ years of experience working with DoD cybersecurity policy such as DoD 8500-series or NIST SP 800-53, with strong understanding of Risk Management Framework (RMF) principles and processes.\\r\\n\\t2+ years of experience using Enterprise Mission Assurance Support Service (eMASS) to support RMF authorization activities and security documentation tracking.\\r\\n\\tDemonstrated ability to perform independent IT audits and security control validation across complex enterprise environments.\\r\\n\\tStrong analytical and problem-solving skills with the ability to identify cybersecurity vulnerabilities and recommend appropriate mitigations.\\r\\n\\tProficiency with Microsoft Office tools, including Excel, Access, Word, and PowerPoint, for cybersecurity analysis and reporting.\\r\\n\\tStrong knowledge of network architecture and network security implementation.\\r\\n\\tStrong written and oral communication skills capable of supporting executive-level briefings.\\r\\n\\tAbility to balance mission objectives with cybersecurity risk management.\\r\\n\\tMust be eligible for IT-II designation upon assignment.\\r\\n\\r\\n\\r\\n \\r\\n\\r\\nDesired Skills & Certifications \\r\\n\\r\\n\\r\\n\\tExperience supporting DoD or DLA program offices.\\r\\n\\tExperience supporting DoD DLA environments.\\r\\n\\tExperience leading enterprise-level cyber modernization initiatives.\\r\\n\\tFamiliarity with DLA-specific cybersecurity governance frameworks.\\r\\n\\tCurrent Project Management Professional (PMP) certification.\\r\\n\\tCurrent Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society (RIMS) Certified Risk Management Professional (RIMS-CRMP).\\r\\n\\r\\n\\r\\n \\r\\n\\r\\nOther Duties\\r\\n\\r\\n\\r\\n\\tAble to travel within a week's notice.\\r\\n\\tThis job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. \\r\\n\\tDuties, responsibilities, and activities may change at any time with or without notice. \\r\\n\\r\\n\\r\\n \\r\\n\\r\\nOverview\\r\\n\\r\\nBMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.\\r\\n\\r\\n \\r\\n\\r\\nBenefits\\r\\n\\r\\nWe believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. \\r\\n\\r\\n \\r\\n\\r\\nAAP & EEO Statement\\r\\n Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law. \\r\\nQualifications\",\"responsibilities\":\"BMA is seeking a Control Validation Security Specialist – Senior to support the DLA JETS Cybersecurity Policy and Oversight Support Services (CPOSS) program. This is a fully remote position and contingent on contract award. \\r\\n\\r\\n \\r\\n\\r\\nJob Summary \\r\\n\\r\\nBMA is seeking a Control Validation Security Specialist – Senior to support our DLA Cybersecurity Policy and Oversight Support Services (CPOSS) contract. The position provides advanced cybersecurity assessment and validation support to the CPOSS program supporting DLA’s J6/J611 Cybersecurity Directorate. The specialist independently conducts information system security control validation, RMF authorization package reviews, and enterprise cybersecurity assessments across DLA systems, networks, applications, and enclaves. This role ensures cybersecurity controls are properly implemented, operating effectively, and compliant with Federal, DoD, and DLA cybersecurity policies. The specialist performs technical evaluations of cybersecurity posture, analyzes system risks, validates mitigation strategies, and provides recommendations to strengthen enterprise security while balancing operational mission requirements. Working in support of the Security Control Assessor (SCA) Representative Team, the position contributes to enterprise RMF authorization oversight, continuous monitoring verification, and cybersecurity policy compliance activities across classified and unclassified environments.\\r\\n\\r\\nKey Responsibilities\\r\\n\\r\\n\\r\\n\\t\\r\\n\\tCybersecurity Control Validation and IT Audit Support: Independently perform information system security control validation and IT audit activities across complex information systems, applications, networks, and enclaves. Verify that cybersecurity controls are properly implemented, configured correctly, and operating in accordance with federal and DoD cybersecurity requirements. Conduct cybersecurity assessments to determine whether implemented controls effectively protect systems from unauthorized access, misuse, or destruction. Validate compliance with cybersecurity policies and standards applicable to DLA enterprise systems.\\r\\n\\t\\r\\n\\t\\r\\n\\tRMF Authorization and Security Assessment Support: Support the enterprise RMF authorization process in accordance with DoDI 8510.01 RMF for DoD IT. Perform technical reviews of RMF authorization packages, supporting documentation, and system security artifacts. Analyze residual risk and determine whether implemented security controls satisfy security requirements and authorization standards. Assist in preparing security assessment reports and authorization recommendations for review by the Security Control Assessor and Authorizing Official.\\r\\n\\t\\r\\n\\t\\r\\n\\tContinuous Monitoring and Vulnerability Analysis: Conduct cybersecurity control validation exercises on classified and unclassified systems to verify the effectiveness of implemented security measures. Perform vulnerability assessments and analyze security weaknesses to identify potential threats to enterprise systems. Evaluate remediation activities and mitigation strategies to determine whether corrective actions adequately address security findings. Support enterprise continuous monitoring initiatives and cybersecurity risk analysis.\\r\\n\\t\\r\\n\\t\\r\\n\\tSecurity Analysis and Technical Evaluation: Perform technical evaluations of customer systems to identify security weaknesses and recommend improvements to strengthen cybersecurity posture. Analyze network security configurations and system architectures to verify secure implementation of cybersecurity controls. Provide recommendations for improving cybersecurity controls, risk mitigation strategies, and security implementation practices. Balance mission requirements with cybersecurity controls by evaluating operational needs against risk considerations.\\r\\n\\t\\r\\n\\t\\r\\n\\tDocumentation, Reporting, and Coordination: Document findings from security control assessments, audits, and validation activities in formal reports and assessment summaries. Prepare technical documentation and supporting evidence to support RMF reviews and cybersecurity compliance activities. Coordinate with program managers, system managers, and Information System Security Managers to resolve cybersecurity issues and improve security compliance. Participate in cybersecurity working groups, technical reviews, and enterprise cybersecurity coordination meetings.\\r\\n\\t\\r\\n\\r\\n\\r\\n \\r\\n\\r\\nClearance Requirements \\r\\n\\r\\nThere is a Secret Security clearance requirement for this position. \\r\\n\\r\\n \\r\\n\\r\\nRequired Skills & Certifications \\r\\n\\r\\n\\r\\n\\tCurrent DoD 8670.01/8140 IAM Level III certification that includes one or more of the following: ISACA CISM, ISC2 Certified Information Systems Security Professional (CISSP), GIAC/SANS GIAS Security Leadership Certification (GSLC), or EC-Council Certified Chief Information Security Officer (CCISO).\\r\\n\\t3+ years of experience working with DoD cybersecurity policy such as DoD 8500-series or NIST SP 800-53, with strong understanding of Risk Management Framework (RMF) principles and processes.\\r\\n\\t2+ years of experience using Enterprise Mission Assurance Support Service (eMASS) to support RMF authorization activities and security documentation tracking.\\r\\n\\tDemonstrated ability to perform independent IT audits and security control validation across complex enterprise environments.\\r\\n\\tStrong analytical and problem-solving skills with the ability to identify cybersecurity vulnerabilities and recommend appropriate mitigations.\\r\\n\\tProficiency with Microsoft Office tools, including Excel, Access, Word, and PowerPoint, for cybersecurity analysis and reporting.\\r\\n\\tStrong knowledge of network architecture and network security implementation.\\r\\n\\tStrong written and oral communication skills capable of supporting executive-level briefings.\\r\\n\\tAbility to balance mission objectives with cybersecurity risk management.\\r\\n\\tMust be eligible for IT-II designation upon assignment.\\r\\n\\r\\n\\r\\n \\r\\n\\r\\nDesired Skills & Certifications \\r\\n\\r\\n\\r\\n\\tExperience supporting DoD or DLA program offices.\\r\\n\\tExperience supporting DoD DLA environments.\\r\\n\\tExperience leading enterprise-level cyber modernization initiatives.\\r\\n\\tFamiliarity with DLA-specific cybersecurity governance frameworks.\\r\\n\\tCurrent Project Management Professional (PMP) certification.\\r\\n\\tCurrent Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society (RIMS) Certified Risk Management Professional (RIMS-CRMP).\\r\\n\\r\\n\\r\\n \\r\\n\\r\\nOther Duties\\r\\n\\r\\n\\r\\n\\tAble to travel within a week's notice.\\r\\n\\tThis job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. \\r\\n\\tDuties, responsibilities, and activities may change at any time with or without notice. \\r\\n\\r\\n\\r\\n \\r\\n\\r\\nOverview\\r\\n\\r\\nBMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.\\r\\n\\r\\n \\r\\n\\r\\nBenefits\\r\\n\\r\\nWe believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. \\r\\n\\r\\n \\r\\n\\r\\nAAP & EEO Statement\\r\\n Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law. \\r\\n\",\"employmentType\":\"FULL_TIME\",\"hiringOrganization\":{\"@type\":\"Organization\",\"name\":\"BMA TECHNICAL SERVICES INC\",\"logo\":\"https://www.paycomonline.net/v4/ats/web.php/application/style/logo?clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8\"},\"jobLocation\":{\"@type\":\"Place\",\"address\":{\"streetAddress\":\"No Address \",\"addressLocality\":\"Remote\",\"addressRegion\":\"VA\",\"postalCode\":22211,\"addressCountry\":\"USA\"}},\"industry\":\"Professional Services\",\"validThrough\":\"-0001-11-30\",\"workHours\":\"Day\",\"educationRequirements\":\"Not Specified\"}",
"applyAvailable": true,
"educationLevel": "Not Specified",
"qualifications": "",
"descriptionTitle": "Description",
"travelPercentage": "Occasionally ",
"jobYoutubeVideoId": "",
"legalRevisionDate": {
"date": "2025-05-05T14:10:08.000Z",
"timezone": "America/Chicago",
"timezone_type": 3
},
"secondaryLocations": [],
"primaryPhoneCountry": "US",
"primaryPhoneEnabled": true,
"qualificationsTitle": "Qualifications",
"primaryPhoneRequired": true,
"primaryPhoneNumberDoesNotExist": false
},
"preview": {
"jobId": 311259,
"isHotJob": false,
"jobTitle": "Control Validation Security Specialist Senior (59833)",
"postedOn": "",
"locations": "REMOTE (United States) - Remote, VA 22211",
"remoteType": "Fully Remote",
"description": "BMA is seeking a Control Validation Security Specialist – Senior to support the DLA JETS Cybersecurity Policy and Oversight Support Services (CPOSS) p...",
"positionType": "Full Time"
},
"detail_meta": {
"url": "https://portal-applicant-tracking.us-cent.paycomonline.net/api/ats/job-postings/311259",
"http_status": 200,
"content_type": "application/json",
"response_bytes": 45633
},
"detail_errors": []
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/9fabb5286f6d814513ea1dca53483ddd6811304e?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/e8a572cb-75af-4a74-801d-c4b032cd9504JSONGET https://api.bluedoor.sh/job-postings/v1/sources/7262a4a5-72a6-432d-ab32-df72cb1cd3a3JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/9fabb5286f6d814513ea1dca53483ddd6811304e/eventsJSON