Information Security Specialist
POSITION OVERVIEW
GAMA-1 Technologies, LLC is seeking a highly motivated, customer-oriented Information Security Specialist to join our team. Our Team supports NOAA/NWS Enterprise-Wide Security Services Support contract. The candidate will be based at the Silver Spring Metro Complex (SSMC2), 1325 East-West Highway, Silver Spring, MD, 20910.
Candidate will assist in the conduct of the Annual Security Assessment & Authorization (SA&A) process for all moderate- and high-impact information systems within the NWS Enterprise using NIST-based security models (Risk Management Framework (RMF) and Continuous Monitoring (CM)). A wide degree of creativity and latitude is expected.
Candidate must have hands-on experience conducting annual security control assessments and/or leading assessment teams. Candidate must have extensive knowledge of and experience with NIST 800-series publications, with emphasis on current versions of SP 800-37, 800-53, and SP 800-53A. Professional communications skills, both oral and written, are required.
KEY DUTIES (Not limited to)
- Travel is required, and will include travel to various NWS sites distributed across the coterminous United States, Hawaii, and Alaska. Travel is estimated at 6-8 trips of one-week duration per year.
- Conducting annual security control assessments in accordance and compliance with policies and procedures provided by DOC/NOAA/NWS. Systems under assessment include all moderate- to high-security categorization systems in the NWS enterprise. Security assessments are to be conducted in accordance with NIST-based processes as defined in current versions of SP 800-37, SP 800-53, and SP 800-53A.
- Assisting in developing preliminary risk/vulnerability analyses and documenting results of the assessment process, including Security Assessment Plans (SAPs), Security Control Assessment (SCA) Spreadsheets, Vulnerability Assessment Reports (VARs), Security Assessment Reports (SARs), and Authorization Out-Brief Presentations.
ESSENTIAL QUALIFICATIONS
- Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio, and Project)
- Must be organized, timely, and customer service oriented
- Ability to work well independently and in a team setting
- Adaptability, flexibility and ability to deal with ambiguity and change
- Excellent verbal and written communication skills
- Excellent attention to detail and good analytical skills
REQUIRED TECHNICAL SKILLS:
- At least four (4) to six (6) years of relevant experience required
- Utilization of scanning products such as: Nessus, Retina, Core Impact
- Knowledge of security best practices such as defense in-depth, least privilege, access controls, encryption
- NIST 800-37 experience
- Experience with NIST SP 800-53 and SP 800-53A (Revision 4 preferred)
- Experience with FISMA A&A continuous monitoring
- Experience with providing FISMA Vulnerability and Compliance Scanning
- Experience with SA&A Core Documentation development (i.e., SAP, SCA, VAR, SAR)
- Experience in assessing and maintaining moderate- to high-impact information systems
- Experience with Automated Reporting Tools, e.g., Cyber Security Assessment and Management (CSAM) or Trusted Agent FISMA (TAF)
- Plan of Action and Milestone (POA&M) Management
- Experience with System and Network administration
DESIRED CERTIFICATIONS (at least one)
- CISM, CISSP, CISA, CAP, CRISC, GSNA
EXPERIENCE AND EDUCATION
- Bachelor’s Degree in Computer Science or related field (i.e., EE, CPE, MIS, IT)
- Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project)
- Strong verbal and written communication skills
- Must be organized, timely, and customer service oriented
- Ability to work well independently and in a team setting
- Adaptability, flexibility and ability to deal with ambiguity and change
- Excellent oral and written communication and customer service skills
- Excellent attention to detail and good analytical skills
- ITIL v3 Foundation Certification, or ability to obtain certification within 6 month
- US Citizenship
- Ability to obtain and maintain a government security clearance
GAMA-1 is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind
|
Job Details
Location: Silver Spring, MD
Full Time
|