IT Security Specialist

About The Position

Requirements

• Bachelor's degree in a related specialized area or equivalent is required plus a minimum of 2 years of relevant experience; or Master's degree plus a minimum of 0 years of relevant experience.
• CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required.
• Proficient understanding of cyber security specifications such as Risk Management Framework (RMF), JSIG (Joint SAP Implementation Guide), ICD-503, NIST SP 800-53.
• Experience implementing government security requirements to include technical computer/network system auditing
• Trained and proficient in Assured File Transfer (AFT) processes and tools
• Experience with various security assessment/hardening tools - STIGs, SCAP, ACAS, Nessus, etc.
• Very strong writing, speaking, analytical, and customer service skills
• Ability to participate in or lead security work groups
• Must be a self-starter capable of multitasking and efficiently managing your time in a dynamic environment while requiring minimal levels of supervision
• Maintains contact with external customer security professionals
• This role requires a technical background creating POA&Ms, developing corrective action plans, and writing security plans, policies, and procedural documentation (not just reviewing or performing documentation review)

Nice To Haves

• Demonstrated comprehensive knowledge of the NISPOM, JSIG, ICD-503, NIST SP 800-53 and CNSSI 1253
• DoD 8140 IAM-II level professional certification (i.e. Security + CE, CAP, GSLC) or ability to obtain within six (6) months of hire.
• Systems administration experience is highly desirable

Responsibilities

• As a member of the Information Assurance Security team the IAP supports system security categorization efforts, security requirements selection/analysis, security control assessments and performs continuous monitoring.
• Executes or supports the execution of A&A activities, including development of required security documentation, including items such as System Security Plans, Security Assessment Reports, SCTM’s and POA&Ms in compliance with IA policy
• Perform weekly system audit reviews, media reviews, hardware/software configuration management
• Executes security testing and evaluation to ensure correct implementation of security controls
• Supports the assessment and mitigation of vulnerabilities throughout a systems life cycle
• Conduct IA security education training for all system users on appropriate risk mitigation strategies
• Perform incident response and cleanup actions, when necessary, per company or customer directions
• Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and procedures outlined in the System Security Plan (SSP).
• Assume ISSM responsibilities as assigned by the Region Manager and/or in the absence of the ISSM