Information Security Specialist

i3, LLC • United States
Remote
AI Summary

Provide IT systems security support in compliance with NIST standards, ensuring information assurance functions across all task areas. Work with various stakeholders to review and analyze vulnerability scan results, identify trends, and coordinate pre-assessment meetings. Support system owners with IS&P requirement documents and provide policy guidance on IaaS, PaaS, and SaaS implementation.

Key Highlights
Provide IT systems security support
Review and analyze vulnerability scan results
Support system owners with IS&P requirement documents
Provide policy guidance on IaaS, PaaS, and SaaS implementation
Key Responsibilities
Support the Governance program as an advisor to the system/application owner to ensure appropriate implementation of the NIST Security Framework through the lifecycle of the system
Provide support with data type selection and system categorization according to FIPS 199
Work with appropriate stakeholders to review and analyze vulnerability scan results to identify trends
Review and advise SO with IS&P requirement documents for new systems
Technical Skills Required
Microsoft Tools, NIST 800 series Special Publications (SP), FedRAMP, Federal Information Processing Standards (FIPS) guidelines and regulations
Benefits & Perks
100% remote work
Public Trust security clearance
US Citizenship required

Job Description


Information Security Specialist (Junior Level) - 100% remote

Overview

We are seeking an Information Security Specialist to provide IT systems security support in compliance with NIST standards, covering all information assurance functions across all task areas. You will need thorough knowledge and understanding of the Federal Information Security Management Act (FISMA), including the NIST 800 series Special Publications (SP), FedRAMP, and Federal Information Processing Standards (FIPS) guidelines and regulations.

What You'll Do

  • Support the Governance program as an advisor to the system/application owner to ensure appropriate implementation of the NIST Security Framework through the lifecycle of the system including but not limited to the pre-security assessment tasks and coordination with System Owners (SO)
  • Provide support with data type selection and system categorization according to FIPS 199
  • Ensure the vulnerability scans are coordinated and conducted prior to the assessment including submitting scan forms and credentials
  • Work with appropriate stakeholders (e.g. Vulnerability Management branch) to review and analyze vulnerability scan results to identify trends
  • Coordinate and facilitate pre-assessment meetings with stakeholders
  • Review and advise SO with IS&P requirement documents for new systems
  • Provide support for reviewing the system to identify and offer advice on elimination of unnecessary IT protocols, functions, ports, and/or services
  • Provide policy guidance on IaaS, PaaS, and SaaS implementation to Cloud environments, procurement of Cloud solutions, and assessments of applications residing in Cloud environments
  • Provide assistance to SO and system stewards in Security and Privacy assessments
  • Review Security Impact Analysis for major changes prior to production
  • Provide Security and Privacy guidance to SOs and/or their respective POCs
  • Provide support to SO with analyzing Plan of Actions and Milestones (POA&M) and remediation solutions and costs. Related solutions may be communicated to the SO/customer via electronic media and/or oral discussions as identified by the requestor
  • Create, document, review and edit as appropriate (new and existing) system security documents for completion and accuracy (to include but not limited to SCD, SSP, SIA, PIA, PTA, POA&M, Disaster Recovery Plan/DRP, etc.) to ensure security requirements are included
  • Review of the Risk Assessment Report (RAR) with SO for completion and accuracy
  • Review and assist in obtaining SO information and steward signatures on all assessment packages
  • Create and utilize a risk methodology, which includes amicable methods of reducing operating risks for computing systems
  • Review and/or input CSAM Analysis for assessments and common control inheritance. Review for applicability and remaining residual risk and provide and/or input CSAM system updates as required
  • Provide a Weekly/Monthly Labor Distribution Report. The report is to identify the time expended on activities/duties for the current week (M-F) and document the major activities each staff member participated in during the week

Must Haves

  • Successful completion of a four (4) year degree from an accredited college or university in Engineering/Math/Science
  • At least three (3) relevant years of experience planning, managing, and implementing technical IT Security projects/programs under Government contracts
  • Demonstrated ability to analyze and synthesize data
  • Self-motivated, well-organized, and detail-oriented
  • Proficient in Microsoft Tools
  • US Citizenship and the ability to obtain a Public Trust security clearance

Education

  • Bachelor's (Required)

Experience

  • Information security: 3 years (Required)
