The candidate must have a strong background adhering to Federal Information Security Management Act (FISMA) Standards using the Risk Management Framework (RMF). The ideal candidate must conduct Assessment and Accreditation (A&A) reviews, perform continuous monitoring functions, and assist in maintaining a system's Authorization to Operate (ATO) or in system re-certification.
Position Title: Security Specialist Team Lead
Location: Silver Spring, MD
- Serves as Team lead for a small project team to assign tasks, monitor and control task progress, and develop periodic progress reports.
- Develops multi-year schedules and project plans for security programs, including A&A and POA&M remediation.
- Conducts audits of, and provides guidance on, security programs, i.e., A&A, Continuous Monitoring, FISMA, NIST, DOC and NOAA policies and procedures.
- Assists with technology evaluations, trade studies, briefing development, and engineering analyses.
- Determines acceptable level of risk for enterprise computing platforms.
- Prepares risk analysis reports and provides recommendations to the client.
- Analyzes penetration testing and vulnerability scan reports on all systems as required.
- Provides impact analysis on local Federal Civilian Agency with regard to updates and version changes on National Institute of Standards and Technology (NIST) Security Publications and FISMA notices.
- Updates and develops security Standards and templates as required to meet new government and regulatory requirements.
- Uses risk management techniques to develop and complete risk assessments based on NIST standards to ensure Information Assurance design sufficiently mitigates the risk.
- Utilizes proficient, clear and concise English written and verbal communication skills in order to effectively interact with clients. Additionally, must be able to communicate with individuals at various levels of expertise in subject areas of concern.
- 10 years’ experience in Information Technology in an IT Security capacity.
- Experience serving as a Team lead for small projects.
- Experience in developing and using project plans for systems projects.
- Experience preparing Assessment and Authorization System Security documentation for review and approval by the Authorizing Official.
- Possess a current industry recognizable professional security certification.
- Thorough knowledge of NIST Security Standards and Security Requirements.
- Experience and proficiency in applying the NIST Risk Management Framework to Federal Systems (NIST 800-37 guidelines).
- High proficiency in applying information technology solutions for Red Hat Linux, PHP based web sites and Applications, Oracle, SQL, NetApp, and other technologies.
- Government experience preferred.
- Bachelor’s Degree in Engineering, Business Administration or Information Technology or related field preferred, or equivalent experience in lieu of degree.
- Master’s Degree in similar competency – Highly Desired
- Project Management Professional (PMP) Certification – Highly Desired
- United States Citizenship or Permanent Residency Status is required for this position as per contract requirements.
- Must be able to qualify for Public Trust Clearance per contract requirements.
- Positive attitude and ability to effectively work with others.
- Ability to work late or on weekends when needed.
- Excellent written and oral communication skills.
- Excellent problem-solving skills.
- Excellent organizational skills.
- Ability to multi-task and work on multiple projects concurrently.
- One of the following certifications is required: CompTIA A+, CompTIA Network+, CompTIA Security+, Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Security Essentials Certification (GSEC), GIAC Security Expert (GSE), GIAC Information Security Professional (GISP), GIAC Security Leadership Certification (GSLC), ISC2 Certified Authorization Professional (CAP), ISC2 System Security Certified Practitioner (SSCP), ISC2 Certified Information System Security Professional (CISSP), ISC2 Certified Information System Security Associate (CISSA), ISACA Certified Information System Manager (CISM).
Sagent is an equal opportunity employer that values diversity at all levels (EEO/AA – Minorities/Females/Veterans/Individuals with Disabilities)