What are the responsibilities and job description for the Security Specialist - Minimum Qualifications position at FedTec?
FedTec is seeking Security Specialist - Minimum Qualifications (10 Years’ Experience).
Location: Cleveland, Ohio (On-site)
Job Overview:
We are seeking a Security Specialist to join our team.
Key Responsibilities:
· Security Architecture & Strategy: Develop and implement a comprehensive cybersecurity strategy for the Cloud-Based ITSM and Asset Management Program. Work with solution architects to design secure application architectures that incorporate encryption, least-privilege access, and secure data flows.
· Risk Management & Assessment; Conduct formal risk assessments and threat modelling exercises to identify vulnerabilities in the ITSM/ITAM environment. Develop and enforce mitigation plans for security gaps, misconfigurations, and known vulnerabilities.
· Cloud Security & Compliance: Ensure that the cloud-based ITSM solution meets federal, state, and local compliance standards (e.g., NIST, CJIS). Oversee encryption in transit and at rest, secure key management, and proper tenant isolation.
· Access Control & Identity Management: Design and enforce role-based access controls (RBAC) and principle of least privilege (PoLP) across the ITSM platform and connected systems. Manage federated identity integration with Active Directory or Azure AD and implement multi-factor authentication.
· Monitoring & Incident Response: Configure and monitor Security Information and Event Management (SIEM) tools for log aggregation and anomaly detection. Lead the development and execution of incident response playbooks, including escalation, containment, and forensic investigation procedures.
· Vulnerability Management: Regularly perform vulnerability scans, penetration tests, and patch audits across the ITSM environment. Collaborate with IT staff to ensure timely remediation of vulnerabilities and system hardening.
· Policy Development & Governance: Develop and maintain security policies, procedures, and standards aligned with ITIL and governance models. Provide policy training and awareness to IT staff and stakeholders.
· Audit Support & Documentation: Support internal and external audits by maintaining accurate records of security configurations, incident reports, and access logs. Ensure full documentation of security processes, tools, and system baselines.
· Collaboration & Security Advocacy: Work with infrastructure, application development, and operations teams to embed security throughout the ITSM project lifecycle. Act as a security advocate, promoting cybersecurity best practices in change management, configuration control, and service delivery.
· Business Continuity & Disaster Recovery: Develop and test cybersecurity-related components of the disaster recovery and business continuity plans. Ensure critical ITSM functions can continue securely during system disruptions or cyberattacks.
Experience:
Minimum 10 years of experience in cybersecurity, including roles involving risk assessment, cloud security, access control, and compliance.
At least 5 years supporting cloud-based systems, including SaaS-based ITSM/ITAM solutions such as ServiceNow, BMC Helix, Ivanti, or Freshservice.
Experience working in public sector or municipal environments, with knowledge of government data protection requirements.
Technical Skills:
· Deep understanding of cloud security architectures (AWS, Azure, GCP), including IAM, encryption, and secure API integration.
· Proficiency in vulnerability assessment tools, SIEM platforms, firewalls, endpoint protection, and incident response frameworks.
· Familiarity with regulatory and compliance frameworks such as NIST 800-53, CJIS, FISMA, HIPAA, and PCI-DSS.
· Strong skills in identity and access management (IAM), multi-factor authentication (MFA), and Zero Trust architecture.
· Ability to develop and enforce cybersecurity policies, perform audits, and lead risk mitigation strategies.
Education & Certifications:
Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, or related technical field (master’s preferred).
Industry-recognized certifications such as:
▪ Certified Information Systems Security Professional (CISSP)
▪ Certified Cloud Security Professional (CCSP)
▪ Certified Information Security Manager (CISM)
▪ CompTIA Security , CEH, or GIAC certifications
- ITIL v3 or v4 Foundation Certification preferred.
About FedTec: FedTec is a Woman-Owned Small Business headquartered in Reston, VA, with additional locations in over 40 states. We are a dedicated team of visionary individuals committed to innovative technology and forward-focused methods. Our mission is to modernize and redefine the future of public sector agencies and the people they serve, through innovative technology-powered solutions and exceptional operational support. We provide world-class digital consulting, infrastructure, and cyber security services. As an Equal Opportunity Employer, we consider all qualified applicants without regard to disability, protected veteran status, or any other status protected by law. We are committed to a fair and inclusive workplace where advancement is based on merit, skills, and contributions. When you join FedTec, you become part of a family. We prioritize your safety, health, and happiness through our FedTec Total Well-Being program, which includes:
- Health & Wellness: Medical, dental, and vision plans with Telehealth virtual care and resources for physical and mental well-being.
- Time to Recharge: Generous paid time off to relax and rejuvenate.
- Financial Security: 401(k), company-paid short- and long-term disability, life insurance, and additional voluntary coverage.
- Life & Family Support: Employee Assistance Program (EAP), Pet Insurance, and Prepaid Legal services.
- Recognition & Growth: The FedTec Applause program rewards outstanding contributions, while our Learning & Development programs support your career growth.
- Fitness & Wellness: The FedTec Fit Program includes an on-staff Fitness Coach, personal and group training sessions, company fitness challenges, and ongoing wellness support.
Visit https://fedtec.com/ to learn more about who we are and where you can make an impact!
