This listing was posted on ApplicantPool.
Senior Cyber Security Specialist
Location:
Camp Springs, MD
Description:
POSITION TITLE: Sr. Cyber Security Specialist YEARS OF EXPERIENCE: 5+ Years ONSITE (Y/N): Onsite - Hybrid schedule; 1 day/week onsite LOCATON: Camp Springs, MD 20588 CLEARANCE REQUIRED: Public Trust *****Please Note: Aretec, Inc. does not offer Corp - 2 - Corp (C2C) employment. ***** Aretec is looking for a Senior Cyber Security Specialist to join our team supporting our government client. This position requires on-site support 1 day/week (Tuesdays or Thursdays) at our federal client's HQ located in Camp Springs, MD. The successful candidate will assist the client with ensuring all aspects of the Risk Management/ Continuous Monitoring Program is operating as intended and make process improvement recommendations to drive efficiencies within the organization. The individual will act as a liaison between various groups within the client organization including but not limited to the Security Control Assessment Team (SCA), Risk Management and Internal Controls (RMIC) Group, and System development & Maintenance Team as well as other groups within the Information Security Division. The Senior Cyber Security Specialist may be asked to lead a team of up to 3 Security Analysts in coordinating workload, identifying dependencies, escalating risks, etc. RESPONSIBILITIES: Using automated tools, identify presence and use of any unapproved technology components in the common operating environment to ensure compliance with the client's enterprise architecture and applicable reference models. Work closely with the client's Audit Team to identify areas for process improvement. Understand and incorporate lessons learned from internal and external audits across the enterprise's portfolio of IT systems by working closely with the client's Audit Team. Validate results of control testing conducted by Information System Security Officers (ISSO) in support of annual self-assessment requirements for IT systems within the required testing frequencies as part of the Continuous Monitoring Program. Review artifacts submitted as evidence of control testing results as a part of the self-assessment testing conducted by the ISSOs to validate reported test results. Review, validate, and track false positives and known deviations in scan results reported by the ISSOs to provide assurance that IT system operation meets specified security control implementation requirements as specified in the NIST SP800-53 and supporting DHS guidance. Review documentation submitted in support of requesting a waiver for compliance with specified security requirements per the NIST SP 800-53, and provide recommendations to client for approval and acceptance of associated risk. Review and assess system changes to determine the level of independent security assessment required in support of the Security Impact Analysis process for the enterprise portfolio of systems. Coordinate with the SCA team on testing of common controls, the client's RMIC Group for A-123 and external assessments, as well as the schedule for testing applications due to major changes. Perform quality assurance reviews of security documentation as needed to ensure content meets the intended requirements and is suitable to determine the security posture and associated risk of an IT system. Participate in process improvement initiatives to mature the client's internal business processes in areas including, but not limited to, vulnerability remediation, patch remediation efforts, STIG compliance, and standard OS images. Develop and maintain documentation relating to internal security processes and procedures, including related training materials. Develop briefings and presentations for Government PM and Executive Management. Perform other duties as assigned by the Government. Ability to work efficiently and effectively in a dynamic and fast-paced environment. Determine the clearest and most logical way to present information and instructions for greatest reader comprehension, and write and edit technical information accordingly. Meet with SMEs in order to ensure that specialized topics are appropriately addressed and discussed. REQUIRED SKILLS: Must be a US Citizen with suitable eligibility for Public Trust Minimum of 5 years of experience specific to evaluating IT systems using NIST SP 800-53 in the federal government. Previous experience supporting Department of Homeland Security federal clients preferred. Previous experience using one or more of the following tools: tenable.io, Nexus IQ Server, Splunk Enterprise v 7.3 and higher, DoJ CSAM, JIRA/ Confluence, CloudCheckr, PrismaCloud Working knowledge of the NIST SP 800-37 Risk Management Framework. In depth knowledge of the NIST SP 800-53 and direct experience applying the NIST SP 800-53 to document and evaluate IT system compliance with specified control requirements. Previous experience as an IT Project Manager and/or possess the necessary IT background to accurately assess system changes and categorize them as a major versus minor change. Demonstrates the ability to assess overall risk to an IT system and the data it stores, processes, or transmits, based on the type of IT system changes being implemented. Ability to work independently and possesses a solid understanding of cyber security concepts. Ability to communicate clearly and effectively via written and verbal communication in both formal and informal situations. Ability to clearly communicate complex technical concepts to Information Technology Project Managers, Database Administrators, Application Developers, and Security Compliance Analysts, as well as non-technical POCs such as Branch Chiefs and Business System Owners. Ability to adapt to frequent changes in priorities, follow project schedules, meet established deadlines, and proactively communicate risks and issues to the Contractor PM and/or Federal Leads. Ability to adapt to an Agile environment and provide quality, professional deliverables in a short timeframe with little to no guidance from the Government. Possess good listening skills and the ability to detect explicit and implicit needs and wants of the client. Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints Possess strong analytical and critical thinking skills with the ability to apply them to the client/ contract workspace. Must have previous client-engagement experience. PREFERRED SKILLS: Previous experience supporting Department of Homeland Security federal clients. EDUCATION: Bachelor's Degree in Information Technology or related field. Aretec has become aware of fraudulent behavior whereby individuals falsely present themselves as employees, affiliates agents, recruiters or representatives of Aretec Inc. and contact job seekers regarding an employment or investment opportunity. Such fraudsters are misusing similar domain names, email addresses, marks, and logos of the Aretec Inc. to deceive the general public. Aretec Inc. or its brands will never ask prospective job seekers for any payment to access our employment services including attending interviews or to receive job offers. Aretec Inc. or its brands, also will never ask candidates to pay a fee to secure employment or in order to receive payment of their wages or salary. In addition, Aretec Inc. or its brands do not operate any websites or mobile applications which ask people to make investments, purchase products or pay any money to receive commission payments. Aretec Inc. shall not be liable for loss or damage suffered as a consequence of any participation by any persons in any such fraudulent and unauthorized schemes. We urge you to be cautious when opening links or attachments from unknown third parties. Except for legitimate business purposes, Aretec Inc. does not send e-mails asking for sensitive information such as bank details or other personally identifiable information nor do we charge or accept any amounts of money. Therefore, do not send money at any time to anyone claiming to be from Aretec Inc. or its brands in relation to prospective employment, or to receive wages or salary, or commission earning investments, either directly or via a mobile application. Please check all email addresses allegedly from Aretec Inc. (@aretecinc.com).
Company:
Aretec
Posted:
December 26 2023 on ApplicantPool
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to ApplicantPool
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: Senior Cyber Security Specialist
Senior Cyber Security Specialist is a Jobs Senior Cyber Security Job at Aretec located in Camp Springs MD. Find other listings like Senior Cyber Security Specialist by searching Oodle for Jobs Senior Cyber Security Jobs.
Senior Cyber Security Specialist is a Jobs Senior Cyber Security Job at Aretec located in Camp Springs MD. Find other listings like Senior Cyber Security Specialist by searching Oodle for Jobs Senior Cyber Security Jobs.