Information Assurance Security Specialist (Remote Role)
About The Position
ICF is actively recruiting for an experienced Information Assurance Security Specialist to support a Cybersecurity Risk Management and Compliance program. Your work will contribute and support comprehensive assessments of implemented controls and control enhancements to determine control effectiveness (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security and privacy requirements for the system and the organization). The Information Assurance Security Specialist role performs assessments as required by the organization’s continuous monitoring strategy which identifies the minimum monitoring frequency for implemented controls across organization; defines the ongoing control assessment approach; and describes how ongoing assessments are to be conducted (e.g., addressing the use and management of automated tools, and instructions for ongoing assessment of controls for which monitoring cannot be automated). This position prepares security and privacy assessment reports containing the results and findings from assessments. Provides an assessment of the severity of the deficiencies discovered in the system, environment of operation, and common controls and recommends corrective actions to address identified vulnerabilities. The Information Assurance Security Specialist facilitates development of corrective action plans of actions and milestones (POA&M). This role will be 100% remote and while building a great career path at ICF!
Requirements
- Bachelor’s degree with a minimum of 5 years of experience OR Associates Degree with 6+ years, OR At least 7 years of experience.
- CISSP or equivalent professional certification related to the role/area.
- Experience conducting vulnerability scans and recognizing vulnerabilities in security systems
- Experience identifying and reviewing appropriate documentation to validate control design, implementation, and operation
- Experience planning and performing appropriate interviews to validate control design, implementation, and operation
- Experience interfacing with customers
- Experience performing impact/risk assessments.
- Ability to obtain and maintain a Public Trust clearance is required
Nice To Haves
- Knowledge of federal and industry cyber regulatory compliance requirements
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
- Knowledge of cyber defense and vulnerability assessment tools and their capabilities
- Knowledge of Security Assessment and Authorization process
- Knowledge of Risk Management Framework (RMF) requirements
- Knowledge of system and application security threats and vulnerabilities
- Knowledge of systems diagnostic tools and fault identification techniques
Responsibilities
- Develops and implements information assurance/security standards and procedures.
- Coordinates, develops, and evaluates security programs for an organization.
- Recommends information assurance/security solutions to support customers’ requirements.
- Identifies, reports, and resolves security violations.
- Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
- Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
- Ensures that all information systems are functional and secure.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
