Job Description

Job Title

Information Security Risk Specialist- REMOTE

Job ID

27702472

Work From Home

Yes

Work Remote

Yes

Location

Washington, DC, DC

Other Location

Description

Position Title: Information Security Risk Specialist

As an Information Security Risk Specialist, Sr on our team, you\'ll use your experience to work with a government client to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You\'ll review technical, environmental, and personnel details to assess the entire threat landscape. Then, you\'ll guide the Veterans Administration (VA) client through a plan of action with presentations, white papers, and milestones. You\'ll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical systems and critical infrastructure. This is your opportunity to act as an information security subject matter expert where you will mentor others while broadening your skills in Risk Management Framework and NIST Security and Privacy controls. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.
You have:

• Experience with NIST special publications and FIPS
• Experience with information security and assurance principles, including the NIST Cybersecurity Framework and RMF process
• Experience with leading and coaching efforts involving presentations, SOPs, whitepapers, and change management processes
• Experience with assessing NIST security and privacy controls and maintaining Plans of Action and Milestones (POA&Ms)
• Experience with analyzing data from Governance Risk Compliance (GRC) tools, including eMASS or RiskVision, to determine trends, root cause, and possible solutions
• Experience with providing guidance for the NIST security and privacy controls and for providing sufficient documentation and artifacts for each control in the GRC tool
• Experience in reviewing security requirements, recommending a mitigation strategy for deficiencies, and working directly with clients to provide solutions and education
• Experience with performing annual security reviews in accordance with FISMA reporting
• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
• Master\'s degree in CS, Engineering, or IT and 5+ years of experience with IT or 15+ years of experience with IT in lieu of a degree

Nice if you have:

• Experience with Privacy and Security control implementation, testing and assessment, and POAM management
• Experience with using data analytical tools
• Experience with the VA
• Experience with scanning tools
• Experience with creating formulas and data analysis in excel
• Possession of excellent customer service and organization skills
• Possession of excellent verbal and written communication skills
• Public Trust
• CAP, CISSP, CISM, PMP, or CCSK Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

ThunderYard Solutions is proud to be an Equal Opportunity Employer. We don\'t just accept difference - we celebrate it, we support it, and we thrive on it for the benefit of our employees, our community, and our customers. All applicants will be considered for employment without discrimination of race, color, religion, or belief, national, social, or ethnic origin, sex, age, physical, mental, or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union, or domestic partnership status, protected veteran status, family medical history or genetic information.

Liberty IT Solutions