Cyber Security Specialist

Active Secret Clearance Required.The Intermediate Assurance and Cyber Security Policy Specialist will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large Federal agency. The ideal candidate will have strong data analysis and written and verbal communication skills. The candidate will possess in-depth knowledge of applying, selecting and testing the NIST family of security controls. The candidate will serve as a subject matter expert with regards to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.Primary Responsibilities:Advising stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.

Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements.

Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.

Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports. Client CyberScope experience a plus.

Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzation, and presentation of enterprise-level InfoSec performance metrics.

Managing InfoSec Program POA&Ms, including advising on remediation efforts.

Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures.

Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions.

Advising CDM implementation efforts.

Identifying opportunities for efficiencies in work process and innovative approaches.

Participating in team problem solving efforts and offer ideas to solve client issues.

Conducting relevant research, data analysis, and developing reports.

Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices.

Implementing processes and procedures to monitor risk across programs / projects.

Preparing briefings to executive team to debrief the results of studies, analyses, and plans.

Assist in proposal development, as requested.

Minimum Qualifications:Active Secret Clearance Required.

Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline is required. Four (4) additional years of experience in IA/Information Security will be an acceptable substitute for a Bachelor's degree.

Minimum of three (3) years of IA specialized experience, including three (3) or more years of applying, analyzing and assessing information systems and security controls (NIST SP800-53, Revision 4).

Intermediate or Advanced security certifications (e.g., CISA, CISSP, CISM or equivalent).

Job Type: Full-timePay: $90,000.00 - $100,000.00 per year