Senior Information Security Specialist

Job Description

Summary

Join a stable and growing company on a long-term Federal project with variety and interesting challenges. Bring your extensive knowledge and experience in delivering security administration support to data centers which includes incident reporting, planning, standards compliance, platform configuration management, cyber security vulnerability tracking, and secure user access and management.

Exercise your expert knowledge of information system security and federal risk management framework in an environment that provides autonomy and flexibility, on a project that respects, utilizes, and develops your expertise.

Work in a small team of technical and program support consultants for a large federal agency.

Workplace choice either Washington DC, Reston, VA, or Lakewood, CO. Limited Telecommuting. Top salary for highly qualified candidates.

NO PHONE CALLS, PLEASE.

Responsibilities

• Map and implement necessary defined security controls as they relate to the agency infrastructure on agency owned devices.
• Develop, implement and maintain security documents such as :
• System Security Plans (SSP)
• Risk Assessments
• Risk Acceptance documentation
• Security Impact Analyses
• Contingency Plans
• Incident Response Plans
• Plan of Actions & Milestones (POA&M)
• Independent Security Assessment (ISA)
• Memorandum of Understanding (MOU)
• Service Level Agreements (SLA)
• Assessment & Authorizations (A&A)
• Provide input to auditors, to include providing artifacts to support current configurations
• Assess existing systems, applications, tools in addition to existing security processes for security implications and recommend improvements to strengthen security posture based on assessment.
• Conduct continuous monitoring to include maintenance of current ATO, monitoring compliance, conducting assessments, conducting periodic scans, auditing events and review of audit logs, ensuring media is properly secured before transit or sanitized before disposal.
• Provide recommendations to the agency on methods to minimize security impacts of new requirements, technologies in accordance with policies, federal laws & mandates.
• The contractor will coordinate / facilitate meetings and regular interaction with System Owner, agency IT Security personnel, data center personnel, change control board personnel and data center end users providing technical and non-technical security-based expertise, guidance and documentation.
• Develop, communicate, and enforce security policies, procedures and safeguards for all systems and staff, based upon Data Center and other government standards.

Qualifications - Required

• BA / BS
• 6+ years of experience
• Minimum of 4 years direct full-time experience conducting security assessments and developing all deliverables within a system authorization package .
• Must have knowledge of hybrid (on-premise & cloud) data center environments to include evaluation and guidance on security control implementation on network, storage, server (Windows, Linux, Oracle) and platform (Microsoft Hyper-V and Azure Preferred).
• Must have direct experience developing IT security policies, architectures, and standard operating procedures with a strategic perspective.
• Extensive knowledge of and practical experience with implementing standard methodologies used in the Risk Management Framework
• Must have detailed and extensive experience with implementing, evaluating, and documenting all technical, management, and operational security controls as defined by the NIST SP 800-53 (as amended).
• Expert-level knowledge and experience with NIST guidelines and industry best practices for : Risk Assessment and Management, Vulnerability Analysis, Contingency Planning, Disaster Recovery, Configuration Management, Security Assessments and developing Mitigation Plans.

Qualifications - Highly Desired

• Bachelor's in computer science, Engineering, Technology or a related field
• CISSP

Compensation

$117,000 - $129,000 / yr, based on capability and experience

Other

• Location : Washington, DC metro area and / or Lakewood, CO
• Telecommuting : Limited
• Hours : Full Time

About BUSINESS PERFORMANCE SYSTEMS

Business Performance Systems is a successful, well-established small business composed of skilled consultants supporting high-priority government projects.

We provide our staff with a great degree of autonomy and growth potential in a company that combines the entrepreneurial environment of a small business with the maturity and financial stability of a large company.

We offer competitive salaries and a comprehensive benefits package. Learn more about us at .

Business Performance Systems is an equal opportunity employer.

Job Posted by ApplicantPro