Information Security Specialist

Sherpa 6
Springfield, VA
Onsite

About The Position

The Information Security Specialist is responsible for maintaining the security posture of the organization’s internal information systems and ensuring compliance with applicable cybersecurity frameworks. This role works closely with Security, IT, leadership, and compliance stakeholders to support vulnerability management, audit readiness, incident response, and secure system operations. The position requires hands-on experience with enterprise security tools and processes, including vulnerability management, change management, audit log review, endpoint security, and data protection.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field
  • 3–5 years of experience in information security or cybersecurity operations
  • Experience with Microsoft security technologies, including Microsoft Defender, Microsoft Intune, and Microsoft Purview.
  • In-depth understanding of software and system vulnerability management.
  • Experience with log aggregation, SIEM tools, or advanced threat detection
  • Experience managing the security of Windows and Linux systems in an enterprise environment.
  • Experience implementing and maintaining STIGs or CIS Benchmarks
  • Must be able to obtain & maintain Secret clearance
  • US Citizenship required

Nice To Haves

  • Industry certifications such as Security+, CISSP, or equivalent
  • Experience supporting CMMC/NIST 800-171 or NIST 800-53/RMF
  • Familiarity with endpoint management and configuration baselines across enterprise systems
  • Experience working in a regulated environment handling Controlled Unclassified Information (CUI)
  • Experience managing macOS systems in an enterprise environment
  • Experience maintaining security controls and working on a change control board.
  • Experience leveraging AI tools in an enterprise setting.
  • Experience as a COMSEC custodian

Responsibilities

  • Manage system vulnerabilities, including scanning, prioritization, and remediation.
  • Support patching and configuration enforcement through endpoint management solutions
  • Provide continuous monitoring of information systems, ensuring audit logs are collected, reviewed, and anomalous activity is identified and mitigated.
  • Analyze and correlate logs from endpoints, servers, identity systems, and cloud services.
  • Configure and tune alerting and automated response capabilities for security events.
  • Perform incident response and reporting for cybersecurity events including malware, phishing, unauthorized access, and data exfiltration.
  • Maintain Plans of Action & Milestones (POA&M) and track remediation to closure
  • Ensure all system security documentation (e.g., SSPs, baselines, policies, procedures) is current and audit-ready.
  • Assist in development and maintenance of security policies, standards, and technical controls.
  • Review and assess security impact of system changes as part of change control processes
  • Recommend and implement security configurations across Microsoft 365, endpoint, and identity platforms.
  • Conduct user activity monitoring and support investigations related to potential insider threat or policy violations.
  • Run security awareness initiatives, including phishing simulations and training activities.
  • Prepare reports on the status of vulnerabilities, incidents, and overall security posture.

Benefits

  • Competitive benefits package
  • Coverage of the cost of medical for you and your family
  • Dental
  • Vision
  • Health and wellness benefits
  • Generous retirement savings plan
  • Generous PTO policy