IT Security Specialist

About The Position

Requirements

• 6-8+ years of experience leading to detailed knowledge of satellite ground systems architecture, IT Security principles, practices, and processes
• Detailed knowledge of Federal IT Security policies including FISMA, NIST Special Publications including 800-53, FIPS, NOAA IT Policies, NESDIS Policies and Procedures, and NIST IT Security controls implementation strategies
• Knowledge of systems engineering and systems administration processes
• Demonstrated experience with NOAA and NESDIS common IT security and systems tools including Tenable Nessus/Security Center, IBM Big Fix, Tripwire, Trellix, F5 BigIP, CyberArk, ArcSight (MicroFocus) and Axonius, and PowerShell & Python, PKI Axway, ClearQuest/ClearCase, and Jira
• CISSP, CompTIA Security+, CEH Certifications required
• Must be a US Citizen or Permanent Resident who has lived in the United States at least 3 out of the last 5 years and be able to pass a background investigation to obtain a security badge to access applicable government facilities and systems

Nice To Haves

• Preferred certifications include one IAT Level II and one IAT Level III DoD Approved 8570

Responsibilities

• Support work for successful completion of Plans of Action and Milestones (POA&M) milestones and schedules
• Manage DoD certificates for both users and servers/workstations
• Manage and troubleshoot BigFix, TripWire, Tenable Security Center, Trellix, F5 BigIP, CyberArk, ArcSight (MicroFocus), Axonius and PKI Axway servers
• Provide continuing operations support to system admins during failover exercises
• Perform monthly malware scans in all environments and brief results to ISSO
• Run Nessus vulnerability scans on all assets and upload scan results to Tenable.sc
• Manage and maintain Online Certificate Status Protocol (OCSP) across all JPSS environments
• Scan CM-Media before their use on the system to maintain the security posture of JPSS assets
• Work on monthly and quarterly scan to inventory ratio analysis and prepare FISMA reports for the ISSO
• Conduct and oversee the troubleshooting of security related events and anomalies
• Assist the ISSO and coordinate artifact collections across all JPSS Maintenance Teams in support of the annual Security Control Assessment and POA&M management
• Draft initial System Impact Analysis (SIAs) for all planned implementations/changes
• Perform Daily Security Health Monitoring and report to JPSS Stakeholders daily and prepare weekly JPSS reports for all Security stakeholders
• Create Trouble tickets via ECMT and Discrepancy Reports in Jira to investigate and track to closure security events of interests
• Use internal scripts (PowerShell & Python) to check servers/applications' health and status
• Coordinate and oversee daily, weekly, monthly, and quarterly deliverables within the Security Team
• Organize on-call schedule for Security Team members

Benefits

• Medical, Rx, Dental, and Vision Insurance
• 401(k) retirement plan with company-matching
• 11 Paid Federal Government Holidays
• Basic Life & Supplemental Life
• Health Savings Account, Flexible Spending and Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Employee assistance program (EAP)
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Professional Membership Reimbursement
• Employee Referral Program
• Competitive compensation plan
• Discretionary variable incentive bonuses based on factors such as individual performance, business unit performance, and/or the company's performance
• Publication and Conference Presentation Awards with bonuses