Job Description

Position Title: Information Security Risk Specialist (SA Sr)
Core Hours: 9a-3p ET
As an Information Security Risk Specialist, Sr on our team, you\'ll use your experience to work with a government client to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You\'ll review technical, environmental, and personnel details to assess the entire threat landscape. Then, you\'ll guide the Veterans Administration (VA) client through a plan of action with presentations, white papers, and milestones. You\'ll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical systems and critical infrastructure. This is your opportunity to act as an information security subject matter expert where you will mentor others while broadening your skills in Risk Management Framework and NIST Security and Privacy controls. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

You have:

• Experience with NIST special publications and FIPS
• Experience with information security and assurance principles, including the NIST Cybersecurity Framework and RMF process
• Experience with leading and coaching efforts involving presentations, SOPs, whitepapers, and change management processes
• Experience with assessing NIST security and privacy controls and maintaining Plans of Action and Milestones (POA&Ms)
• Experience with analyzing data from Governance Risk Compliance (GRC) tools, including eMASS or RiskVision, to determine trends, root cause, and possible solutions
• Experience with providing guidance for the NIST security and privacy controls and for providing sufficient documentation and artifacts for each control in the GRC tool
• Experience in reviewing security requirements, recommending a mitigation strategy for deficiencies, and working directly with clients to provide solutions and education
• Experience with performing annual security reviews in accordance with FISMA reporting
• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
• Master\'s degree in CS, Engineering, or IT and 5+ years of experience with IT or 15+ years of experience with IT in lieu of a degree

• Experience with Privacy and Security control implementation, testing and assessment, and POAM management
• Experience with using data analytical tools
• Experience with the VA
• Experience with scanning tools
• Experience with creating formulas and data analysis in Excel
• Possession of excellent customer service and organization skills
• Possession of excellent verbal and written communication skills
• Public Trust
• CAP, CISSP, CISM, PMP, or CCSK Certification

• Paid PTO and sick leave (15 days initially)
• Paid Federal Government Holidays
• 100% Medical premium for employee
• 100% Dental and Vision
• 100% Medical premium for employee
• 100% Dental and Vision
• 100% paid Life, short and long-term disability insurance for employee
• 401(k)

Solutions Development Center