Senior Level Career (10+ yrs experience)
No Traveling
IT - Security
Clarksburg, WV (On/Off-Site)
Position Summary:
We are seeking a highly qualified and experienced Senior Information Security Specialist with 10+ years of experience who will support the establishment, implementation, and maintenance of a life-cycle security model that develops, maintains, and dispositions of the customer. The Senior Specialist will assess information systems to ensure that the management, operational, personnel, and technical controls are functioning effectively during all phases of the system lifecycle. The Senior Specialist will focus on identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities associated with information systems, and on information system compliance with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA and SANS Institute. The Senior Specialist will take an important role in collaborating and providing security management, practices and federal policy expertise in Agile development environments. The Senior Specialist will be a leader responsible for coordinating with the contract team security personnel, especially the ISSO, and with the numerous system owners to ensure their products are operated and maintained in accordance with government policies and practices.
Key Responsibilities:
Lead or serve as Senior Subject Matter Expert (SME) within SAFe-aligned project environments
Empower and guide security teams to perform at peak operational levels as Team Lead
Ensure system and data protection are mission-critical and business-aligned
Collaborate with stakeholders to evaluate and mitigate technical and operational cybersecurity risks
Apply 800-53 controls to assess, improve, and document system security posture
Validate controls throughout the system lifecycle, supporting ISSOs where needed
Support selection and implementation of controls and industry best practices
Lead FISMA compliance efforts; take part in contingency planning/incident response exercises, real event remediation, and reporting
Safeguard IT assets from malware and unauthorized activities via prevention and detection protocols
Review change requests and utilize change management tools to assess impact
Oversee documentation, POA&Ms, and continuous improvement of IA posture with cross-functional teams
Monitor system activity and audit logs using tools such as Splunk to detect and respond to anomalies
Utilize intrusion detection tools to validate integrity and critical file configurations
Conduct assessments, execute vulnerability remediation through periodic scans
Manage and troubleshoot system access controls and permissions across diverse user groups
Ensure privileged user access is managed and mandatory training is completed
Install and maintain timely updates of critical patches and security hotfixes
Demonstrate working knowledge of SSPs, including updating user guides and governance artifacts
If assigned, serve as Registration Authority (RA) for designated platforms to manage digital credentials
Promote cybersecurity awareness by leading or participating in training activities
Technical Experience or Knowledge
Minimum of 10+ years of security experience as a Senior Information Security Specialist or in an equivalent position
Previous hands-on technical experience in networking, system administration, and development, and in utilizing Splunk for audit log review and system alerting
Demonstrate experience with the following tools:
JCAM (Joint Cybersecurity Authorization Management)
Telos Xacta
GitLab
Atlassian JIRA and Confluence
Microsoft SharePoint
BigFix
Tenable Security Center
In addition, the ISSS should be capable of providing targeted input on key documentation efforts such as:
Interconnection Security Agreements (ISAs)
Security Assessment Reports (SARs) provided on an as-needed basis to support system authorization and risk management activities
Education/Certifications/Skills
Associate's or Bachelor's degree in Systems Security, Cybersecurity, Computer Science, Information Technology, or a related field
CompTIA Security+ or equivalent certification highly recommended
Preferred certifications include one or all of the following:
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
AWS Certified Security – Specialty
Microsoft Certified: Azure Security Engineer Associate
Google Professional Cloud Security Engineer
CompTIA Cloud+
Agile Certifications, preferred
Strong knowledge of SAFe/Agile methodologies, software development life cycles, and modern project management tools and techniques such as Continuous Integration and Continuous Deployment (CI/CD) practices
Strong problem-solving skills, with the ability to troubleshoot complex issues
Excellent communication, negotiation, and stakeholder management skills