Computer Security Systems Specialist

We are currently seeking a Computer Security Systems Specialist III to work for one of our clients onsite in Luray, Virginia.

Job Duties

• Using the NIST Risk Management Framework (RMF) to conduct assessments of Information security controls to measure the effectiveness of controls and identify control gaps
• Ensure compliance with guidance, standards and regulations such as NIST Special Publications, FIPS, FedRAMP, and other federal regulations and policies
• Preparing Security Impact Assessments, Addendums, Security Authorization Packages and including documentation such as Authorization Official Out-briefs, Security Authorization Recommendations and Security Authorizations
• Identify, assess, and prioritize identified risks
• Collect evidence, artifacts, and document findings to support conclusions
• Report on compliance with internal policies, controls, and standards Provide recommendations for remediation of identified deficiencies
• Track and report on Plans of Action and Milestones (POAMs) (i.e., findings/deficiencies to closure)
• Coordinate third-party risk assessments and IT audits
• Manage remediation efforts and report on the status of control deficiencies
• Support security initiatives and global policy adherence and awareness efforts
• Support global information security metrics and reporting program(s)
• Provide security expertise to business units and key stakeholders
• Enforce policy adherence and manage formal policy exception requests
• Provide timely status updates/reporting on assessments and assigned projects

Qualifications

• A bachelor’s degree in computer science or a related engineering field with training in information security
• 10 years’ experience in Information Security
• 5 years’ experience building and managing Windows server platforms
• Thorough knowledge of NIST 800 Special Publications, Federal Information Processing
• Expertise the NIST Risk Management Framework to generate and maintain SA&A documentation to include System Security Plans, Security Assessments Reports, and Risk Assessments for internal and cloud-based systems (i.e., FedRAMP)
• Experience using security scanners (e.g. Nessus, Nexpose, etc.) and remediating vulnerabilities

Annual Salary Range: $105,000 - $125,000

Garnet River® is a full-service information technology company that customizes solutions for its clients. We solve challenges through staff augmentation, project-based teams, and technical solutions. Our staffing division works as a recruiting arm for technical companies in the region and across the country. Clients turn to us to help them find talent.

Garnet River LLC is an Equal Employment opportunity/Affirmative Action (EEO/AA) employer. Minorities/Female/Disabled/Veteran (M/F/D/V)