Senior IA Specialist (FISCAM/FIAR SME)

DecisionPoint Corporation is seeking a Senior Information Assurance (IA) Specialist / FISCAM-FIAR Subject Matter Expert (SME) to support our U.S. Transportation Command (USTRANSCOM) Integrated Booking System (IBS) program. This role leads cybersecurity, compliance, and audit readiness efforts, ensuring alignment with DoD Risk Management Framework (RMF), federal financial audit requirements, and enterprise security standards.

The Senior IA Specialist serves as a key advisor on FISCAM (Federal Information System Controls Audit Manual) and FIAR (Financial Improvement and Audit Remediation) requirements, ensuring systems, processes, and controls meet audit and cybersecurity expectations. This role supports mission-critical transportation and logistics systems by integrating security, compliance, and audit readiness across the system lifecycle.

The ideal candidate brings deep expertise in cybersecurity compliance, RMF, and financial audit frameworks, with the ability to lead efforts across technical, functional, and audit domains.

Serve as the FISCAM/FIAR SME, providing leadership on audit readiness, internal controls, and compliance activities
• Lead cybersecurity efforts across the IBS program, ensuring compliance with DoD RMF, NIST, and federal audit requirements
• Identify, assess, and mitigate security risks, threats, and vulnerabilities across the system lifecycle
• Design and enforce secure system and application practices aligned with STIGs, OWASP, and DoD security standards
• Lead development and maintenance of RMF accreditation packages, including ATO, ATC, and IATT artifacts
• Ensure implementation of NIST SP 800-53 security controls and integration of security into the SDLC
• Conduct and oversee security assessments, audits, and control validation activities
• Perform and review vulnerability scans using tools such as Fortify, ACAS, and SCAP, ensuring timely remediation
• Track and manage vulnerabilities, ensuring proper documentation and closure of findings
• Maintain and manage POA&Ms and support remediation tracking and reporting
• Develop and maintain security documentation within eMASS or other Government systems
• Support continuous monitoring activities, including automated and manual security assessments
• Provide audit support, including preparation of artifacts, responses to findings, and coordination with auditors
• Ensure compliance with NIST SP 800-128 and security-focused configuration management practices
• Collaborate with Government, financial, and technical teams to ensure alignment between system controls and audit requirements
• Provide regular security metrics, reporting, and compliance status updates to stakeholders and leadership
• Support secure system design, including encryption, logging, and secure communication protocols

• Active Secret Clearance
• IAT Level II certification (CompTIA Security+ CE or higher preferred)
• Minimum 7+ years of experience in Information Assurance, cybersecurity, or compliance within DoD environments
  
• Demonstrated experience with FISCAM and FIAR audit requirements and audit readiness activities
  
• Strong knowledge of DoD RMF processes and NIST SP 800-53 security controls
  
• Experience developing and maintaining RMF accreditation documentation (ATO, SSPs, POA&Ms, etc.)
  
• Experience with vulnerability scanning tools (Fortify, ACAS, SCAP or similar)
  
• Strong understanding of secure coding practices, system hardening, and security architecture
  
• Experience supporting continuous monitoring and security assessment activities
  
• Knowledge of NIST SP 800-128 and configuration management security practices
• Ability to lead compliance efforts across technical and functional teams
• Strong analytical, problem-solving, and communication skills
• Ability to operate in a fast-paced, mission-driven environment

Preferred:

• Experience supporting USTRANSCOM or DoD transportation/logistics systems
• Experience supporting financial systems or audit sustainment environments
• Familiarity with eMASS, PPSM, and DoD authorization processes
• Experience working in AWS GovCloud or cloud-based secure environments
• Advanced certifications such as CISSP, CISA, or CISM
• Experience integrating DevSecOps security practices into CI/CD pipelines

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.