IT Security Specialist - Silver Spring, United States - L2 Cyber Solutions

L2 Cyber Solutions
L2 Cyber Solutions
Verified Company
Silver Spring, United States

3 weeks ago

Mark Lane

Posted by:

Mark Lane

beBee recruiter
Description

L2 Cyber Solutions (L2 Cyber) has a Federal contract with the National Oceanic and Atmospheric Administration (NOAA), Office of the Chief Information Officer.


Responsibilities include, but are not limited to

  • Provide guidance to developers and other technical stakeholders on security topics, and educate members on their responsibility regarding the shared security model
  • Document systems architecture, configuration & deployment plans with security aspects in mind
  • Directly contribute to security documentation (System Security Plan (SSP), FIPS 199 Criticality Assessment, FIPS 200 Control Tailoring, Configuration Management Plan (CMP), System Contingency Plan (CP), Business Impact Assessment (BIA), Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), Plans of Action and Milestones (POA&M)) IAW customer directives (e.g. NIST, NOAA/DOC) throughout the information system's A&A lifecycle
  • Support all Assessment & Authorization (A&A) activities
  • Draft and maintain Acceptance of Risk(s) documentation, and perform routine vulnerability/risk assessment analysis
  • Identify vulnerabilities, risks, and protection measures as it relates to information systems
  • Update systemlevel policies and assist in developing procedures that meet Federal IT security requirements
  • Assess new technologies and advise how to correctly implement security controls using those tools per NIST guidelines and cloud best practices
  • Achieve Control compliance with supporting artifacts and conduct gap analysis of security controls
  • Ensure IT systems have all security controls in place and functioning properly in accordance with NIST 80053A publication
  • Conduct and evaluate/analyze vulnerability results from the following set of tools to include but not limited to: NESSUS/TenableSecurity Center, CSAM, Arcsight, BigFix, and WebInspect
  • Demonstrate understanding of the Federal Authority to Operate (ATO) process

Required Experience, Knowledge, Skills, and Abilities

  • BS/BA in relevant field, or equivalent experience
  • 5+ years of relevant experience
  • Federal IT system cybersecurity experience
  • CISSP, GIAC certifications, CISA, CISM, SEC+, or a similar certification
  • Knowledge of TCP/IP networking, SMTP, HTTP, loadbalancers and VPC's
  • Experience with centralizing, querying, and setting up alerts based off AWS CloudTrail, AWS Config, and VPC Flow Logs
  • Experience with CSAM, Tenable Security Center, Nessus, etc.
  • Ability to analyze and understand cyber threat actor capabilities and intentions, methodologies, methods, and motives
  • Ability to perform threat vector risk assessments
  • Ability to interact with other staff and senior Federal employees technical and nontechnical personnel
  • Ability to manage multiple tasks in a fastpaced environment
  • Possess a positive and selfmotivating attitude
  • Excellent written, verbal, and analytical skills
  • Must have, or be able to, pass a US Government Background Investigation (this is a noncleared position)
  • Must be a U.S. citizen

Additional Information

  • This is a fully remote position, you must be able to effectively work remotely with mínimal direct supervision
  • Client location is Silver Spring, MD (ET zone), preference given to applicants in the DMV or located in CO
  • Travel may be required for key meetings/engagements (510%)

Benefits

  • In compliance with Colorado's Equal Pay for Equal Work Act, the salary range for this role in Colorado is $80,000 $115,000
  • Medical, vision, dental, life, and disability coverage
  • 401(k) w/ matching contribution up to 3%
  • Education/professional development assistance
  • Competitive PTO w/ additional company paid Holidays
  • Remote office technology assistance

About L2 Cyber Solutions


L2 Cyber Solutions is a Woman-Veteran owned small business that provides niche Cybersecurity Engineering & Consulting, Portfolio/Program/Project Management, Risk Management, and Assessment & Authorization services.

We have been named a ColoradoBiz Top 100 Woman-Owned Company, and Top 250 Private Company - we recognize that these awards are made possible because of our employees.


  • At L2 Cyber Solutions, we make our employment decisions based on business needs, job requirements, and individual qualifications. We are an Equal Opportunity Employer, and encourage all qualified individuals to apply._
More jobs from L2 Cyber Solutions
See all jobs of L2 Cyber Solutions