IT Security Specialist

Job Title: IT Security Specialist

Work Location: Silver Spring, MD

Clearance: Public Trust background investigations can take approximately four to eight weeks and requires fingerprinting. All candidates will be subject to a complete background check to include, but not limited to Criminal History, Education Verification, Professional Certification Verification, Verification of Previous Employment and Credit History

Education: B.S. Computer Science, Math or Similar, Additional Years of IT Security Experience beyond the minimum can be counted (1:1) towards the degree requirement.

Experience: 4+ yrs. related experience

Certification: CISSP or Equivalent IT Security Certification

Schedule: Monday – Friday day shift

Travel: Occasional

Salary:

Job Listing Number: MD23003

Contract Labor Category: IT Security Specialist III

The position will support our customer, NOAA, providing cyber security program support for achieving FISMA requirements. The key objective of the project is to provide cyber security program support for achieving FISMA requirements by monitoring and overseeing the authorization to operate (ATO) process.

Primary Responsibilities:

Providing Information Security Engineering and Compliance support to Authorizing Officials (AO), System Owners (SO), Program Managers (PM), System Administrators (SA), Information System Security Manager (ISSM) as required, including but not limited to:

• Implement cyber security program services supporting achievement of FISMA requirements by monitoring, overseeing, and supporting the authorization to operate (ATO) process.
• Working closely with the SO to ensure documents are created in CSAM and submitted to the CIO for validation.
• Coordinating closely with the SO before and during the Security Authorization process to ensure they are aware of requirements, processes and expectations.
• Providing support to or serving as Information System Security Officer (ISSO) for information systems as assigned or as required.
• Advise Information System Owner (SO) regarding security considerations and FISMA system security requirements during all phases of the application or system development life cycle.
• Determine, document and implement appropriate level of security commensurate with the AO-approved security categorization (FIPS-199) of the information system and in accordance with FIPS-200 and NIST 800-53 security controls baseline.
• Develop and maintain all information system security documentation – System inventory, Policies & procedures, Interconnection agreements, FIP-199, FIPS-200, BIA, System Security Plan (SSP) and SSP appendices (System description/boundary, CM plan, Secure baseline, ISCM plan, CP plan, CP test results, IR plan and AT plan).
• Conduct Risk, Privacy (PTA/PIA) and E-Authentication assessments (ETA/ERA) annually.
• Facilitate Change Control Board (CCB) and conduct Security Impact Analysis (SIA) as part of the ongoing system configuration changes.
• Serve as a Single Point of Contact (SPOC) for all security incidents. Work with CIRT and Line Office ITSO for investigation and timely closure of corrective actions.
• Perform continuous monitoring to ensure that the security controls are implemented correctly, operating as intended and producing the desired outcome.
• Periodically scan all information system components and ensure identified vulnerabilities are remediated within established timelines.
• Monitor the status of the ATO and initiate actions early enough to ensure annual security Assessment and Authorization (A&A) activities are completed before the system becomes operational or the current ATO expires.
• Maintain the Security Authorization Package (SAP) and ensure on-time submission of the package for annual assessment.
• Develop and manage Plan of Action and Milestones (POA&Ms) to remediate identified weaknesses and ensure timely closure of all POA&Ms.
• Ensure compliance to the annual IT security training and certification requirements.
• Establish and maintain recurring weekly, monthly status/progress reports.
• Provide general project oversight, coordination and management for each assigned task providing Assessment and Authorization (A&A) support as required.
• Providing Plan of Action & Milestones (POAM) remediation support as required.
• Providing support for and as required executing authenticated vulnerability, application and database scanning for information systems. The Candidate shall track scanning compliance and trending exploits and remediation for information systems.

Required Skills:

• CISSP or Equivalent IT Security Certification
• Minimum of 4 years' experience performing the primary responsibilities detailed above in a US Federal Agency IT security environment.
• Demonstrated deep expertise and direct experience meeting the requirements of Federal Information Security Management Act (FISMA) requirements as mandated by the White House Office of Management and Budget (OMB), in accordance with NIST Standards and special publications.
• Demonstrated ability to analyze, assess and document the security status of IT systems, prepare associated documentation, and implement remedial actions when required.
• Excellent written and oral communications skills.

Additional Information:

• In order to meet the clearance requirements for this opportunity, candidates must be a US Citizen.
• All candidates will be subject to a complete background check to include, but not limited to Criminal History, Education Verification, Professional Certification Verification, Verification of Previous Employment and Credit History.
• Public Trust background investigations can take approximately four to eight weeks and requires fingerprinting.

To apply to this position please go to www.s4inc.com and click on Careers to complete and an employment application and to upload your resume.

S4 Inc. offers competitive salaries and a comprehensive benefits package with 401(k), and universal time off. We are an Equal Opportunity Employer including Veterans/Disabled. S4 participates in the E-Verify employment verification program. Candidate selected must be able to obtain and maintain the security clearance required by the contract at all times

If you are an individual with a disability or a disabled veteran and need a reasonable accommodation to apply to a position, please contact Janine Hunter, VP of Recruiting, by phone at (781) 430-9122 or by email at accommodation@s4inc.com.

Current Openings for IT Security Specialist Jobs at S4 Inc.