COMPANY OVERVIEW

Development InfoStructure LLC., (Devis) is a leading provider of innovative software development, management, and consulting services, specializing in cutting-edge technologies such as DevSecOps, AI, and Machine Learning. With over 30 years of experience as a small business, we have established ourselves as a trusted partner for government agencies, delivering tailored, mission-critical solutions that drive digital transformation and operational excellence. Our client-centric approach, coupled with our deep domain expertise and technical prowess, enables us to forge enduring relationships and consistently deliver high-impact, adaptive solutions that resonate with the unique needs of the public sector.
Our primary mission is to best serve the needs of our clients by solutioning with our stakeholder teams to ensure that the goals and objectives of our customers are proactively solutioned, such that opportunities to invest our time in developing long-term solutions and assets are abundant and move our clients forward efficiently.
At Devis, we are enthusiastic about our research, our work and embracing an environment where all are supported in the mission, while maintaining a healthy work-life balance.

REQUIRED SKILLS AND QUALIFICATIONS

• BA/BS in Information Systems, Cybersecurity, or a related field.
• 5-7 years of hands-on experience in system security, risk analysis, and compliance.
• Experience implementing and maintaining security documentation in accordance with RMF and NIST guidance
• Working knowledge of FedRAMP, FISMA, and DHS cybersecurity compliance frameworks
• Familiarity with AWS security practices and cloud compliance strategies
• Understanding of Zero Trust Architecture and its application in federal environments
• Experience using governance tools (e.g., eMASS, Xacta, ServiceNow GRC)
• Excellent organizational and tracking skills, especially for POA&M and control implementation statuses
• Demonstrated ability to interpret federal policy and translate into actionable security tasks
• Experience with the Federal government, preferably with DOS

CLEARANCE REQUIREMENTS

• Must be a U.S. Citizen with the ability to obtain and maintain a Secret clearance.
• Active Secret Clearance.

• Analyze and define security requirements for Multilevel Security (MLS) systems and environments
• Design, engineer, and implement technical solutions to meet MLS and system security requirements
• Conduct risk analyses and assessments, documenting findings and recommendations
• Develop and update security documentation including standards, policies, SOPs, and architecture diagrams
• Serve as the primary Point of Contact (POC) for:
• Security Impact Assessment (SIA) packages for the Network Operations Center (NOC).
• IRM ITCCB submissions and tracking.
• Monthly, quarterly, and annual ISSO checklist deliverables.
• Updates to System Security Plans (SSPs) and POA&M entries.
• Monitoring cybersecurity scorecard metrics.
• Participate in governance and compliance activities, including IRB, CCB, A&A, and M-21-31 policy meetings.
• Provide secondary support for:
• Transition to NIST SP 800-53 Rev 5 controls.
• Implementation of M-22-09 Zero Trust cybersecurity principles.
• Transition from General Support System (GSS) to AWS-hosted infrastructure.
• Supply Chain Risk Management control family establishment.
• Compliance with FAN/FAH guidance and Binding Operational Directives
• Support the preparation and maintenance of A&A packages and system compliance documentation.
• Respond to taskers and special projects as assigned.