Information Security Risk Specialist
About The Position
Information Security Risk Specialist The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global enterprise and government agencies. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is you. We need your knowledge as an information security risk spe cia list to help break down complex threats into manageable plans of action. As an Information Security Risk Spe cia list on our team, you’ll assist technical leaders with discovering their cyber risks, understanding applicable policies , and developing a mitigation plan. You’ll get technical and personnel details from key stakeholders to assess the entire threat landscape. Then, you’ll help your team guide your client through a plan of action with presentations, white papers, and milestones and help to translate security concepts so they can make the best decisions to secure their critical infrastructure, and mission-critical systems. Join us. The world can’t wait.
Requirements
- 2+ years of experience with program control and governance, system security lifecycle management, authorization, POA & Ms, vulnerability remediation, privacy, Information Systems Security Engineer ( ISSE ) support, and threat modeling
- 2+ years of experience preparing system accreditation documentation required by the Navy or DoD and assessing system vulnerability using approved DoD tools
- 2+ years of experience guiding a client through the entire Risk Management Framework ( RMF ) and Authority to Operate ( ATO ) process
- Knowledge of policy management support, change management, cybersecurity engineering, requirements, and cybersecurity tools development
- Knowledge of cybersecurity monitoring standards and enterprise security requirements or standards such as FIPS, NIST, Executive Orders, Notices, and Memoranda
- Top Secret clearance
- HS diploma or GED
- Industry c ertification such as CISSP or CompTIA Security+ Certification
Nice To Haves
- Experience maintaining security configurations of production, development, and test systems by applying and configuring security controls
- Experience with STIGs
- Experience with DevSecOps
- Experience with Cloud technologies
- Experience with operating systems, including Linux, UNIX, Ubuntu, or Red Hat
- Ability to apply cybersecurity engineering met hods to solutions development lifecycle activities
- Ability to research emerging technology and apply findings to cutting-edge problems
- Possession of excellent presentation and collaboration skills
Responsibilities
- Assist technical leaders with discovering their cyber risks
- Understand applicable policies
- Develop a mitigation plan
- Assess the entire threat landscape
- Guide your client through a plan of action with presentations, white papers, and milestones
- Translate security concepts
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
