Information Security Risk Specialist, Senior

About The Position

Requirements

• Experience implementing information assurance or cybersecurity processes and policies
• Experience managing and administering Assured Compliance Assessment Solution (ACAS) and Host-Based Security System (HBSS)
• Experience utilizing the Enterprise Mission Assurance Support Service (eMASS) to address security controls, create POA&Ms, and upload artifacts such as STIG checklists or ACAS scans
• Experience supporting system security and authorization processes across multiple platforms, environments, or Impact Levels
• Experience reviewing vulnerability documentation and writing Residual Risk statements
• Experience reporting IT security events or incidents based on policies and procedures
• Secret clearance
• HS diploma or GED

Nice To Haves

• Experience serving as an Information Systems Security Officer (ISSO)
• Knowledge of Cloud-based infrastructure and DevSecOps principles and practices
• Knowledge of security tools such as Microsoft Intune, Microsoft Defender, or other similar security tools
• Ability to use and operate security tools, including Tenable Nessus, SecurityCenter, IBM Guardium, HP WebInspect, or Network Mapper
• Ability to meet DoW 8140 requirements

Responsibilities

• Address security controls
• Create POA&Ms
• Upload artifacts such as STIG checklists or ACAS scans
• Support system security and authorization processes across multiple platforms, environments, or Impact Levels
• Review vulnerability documentation
• Write Residual Risk statements
• Report IT security events or incidents based on policies and procedures

Benefits

• health, life, disability, financial, and retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care
• recognition awards program