Jr. IT Security Specialist Maryland

Company: S4 Inc
Location: Silver Spring
Posted on: September 16, 2023

Job Description:

Job Title: Jr. IT Security Specialist

Work Location: Silver Spring, MD

Clearance: Public Trust background investigations can take approximately four to eight weeks and requires fingerprinting. All candidates will be subject to a complete background check to include, but not limited to Criminal History, Education Verification, Professional Certification Verification, Verification of Previous Employment and Credit History

Education: Bachelor's degree

Experience: 2+ yrs. related experience

Certification: IAT II

Schedule: Monday - Friday day shift

Travel: Occasional

Salary:

Job Listing Number: MD23002

Contract Labor Category: IT Security Specialist II

The position will support our customer, NOAA, providing cyber security program support for achieving FISMA requirements. The key objective of the project is to provide cyber security program support for achieving FISMA requirements by monitoring and overseeing the authorization to operate (ATO) process.

Primary Responsibilities: Providing Information Security Engineering and Compliance support to Authorizing Officials (AO), System Owners (SO), Program Managers (PM), System Administrators (SA), Information System Security Manager (ISSM) as required, including but not limited to:

Implement cyber security program services supporting achievement of FISMA requirements by monitoring, overseeing, and supporting the authorization to operate (ATO) process.
Working closely with the SO to ensure documents are created in CSAM and submitted to the CIO for validation.
Coordinating closely with the SO before and during the Security Authorization process to ensure they are aware of requirements, processes and expectations.
Providing support to or serving as Information System Security Officer (ISSO) for information systems as assigned or as required.
Advise Information System Owner (SO) regarding security considerations and FISMA system security requirements during all phases of the application or system development life cycle.
Determine, document and implement appropriate level of security commensurate with the AO-approved security categorization (FIPS-199) of the information system and in accordance with FIPS-200 and NIST 800-53 security controls baseline.
Develop and maintain all information system security documentation - System inventory, Policies & procedures, Interconnection agreements, FIP-199, FIPS-200, BIA, System Security Plan (SSP) and SSP appendices (System description/boundary, CM plan, Secure baseline, ISCM plan, CP plan, CP test results, IR plan and AT plan).
Conduct Risk, Privacy (PTA/PIA) and E-Authentication assessments (ETA/ERA) annually.
Facilitate Change Control Board (CCB) and conduct Security Impact Analysis (SIA) as part of the ongoing system configuration changes.
Perform continuous monitoring to ensure that the security controls are implemented correctly, operating as intended and producing the desired outcome.
Periodically scan all information system components and ensure identified vulnerabilities are remediated within established timelines.
Monitor the status of the ATO and initiate actions early enough to ensure annual security Assessment and Authorization (A&A) activities are completed before the system becomes operational or the current ATO expires.
Maintain the Security Authorization Package (SAP) and ensure on-time submission of the package for annual assessment.
Develop and manage Plan of Action and Milestones (POA&Ms) to remediate identified weaknesses and ensure timely closure of all POA&Ms.
Establish and maintain recurring weekly, monthly status/progress reports.
Provide general project oversight, coordination and management for each assigned task providing Assessment and Authorization (A&A) support as required.
Providing Plan of Action & Milestones (POAM) remediation support as required.
Providing support for and as required executing authenticated vulnerability, application and database scanning for information systems.
The Candidate shall track scanning compliance and trending exploits and remediation for information systems.

Requirements:

Must have a minimum of 2 years of related experience in Cyber Security
Must have a Bachelor's degree
Must have a current IAT level II certification
In order to meet the clearance requirements for this opportunity, candidates must be US Citizen.
All candidates will be subject to a complete background check to include, but not limited to Criminal History, Education Verification, Professional Certification Verification, Verification of Previous Employment and Credit History.
Public Trust background investigations can take approximately four to eight weeks and requires fingerprinting.

To apply to this position please go to www.s4inc.com and click on Careers to complete and an employment application and to upload your resume.

S4 Inc. offers competitive salaries and a comprehensive benefits package with 401(k), and universal time off. We are an Equal Opportunity Employer including Veterans/Disabled. S4 participates in the E-Verify employment verification program. Candidate selected must be able to obtain and maintain the security clearance required by the contract at all times

If you are an individual with a disability or a disabled veteran and need a reasonable accommodation to apply to a position, please contact Janine Hunter, VP of Recruiting, by phone at (781) 430-9122 or by email at accommodation@s4inc.com.

Keywords: S4 Inc, Silver Spring , Jr. IT Security Specialist Maryland, Other , Silver Spring, Maryland