What are the responsibilities and job description for the Remote IT Security Specialist - Assessment and Compliance position at Get It - Professional Services?
Position Title: IT Security Specialist - Remote
Job Overview
We are in search of a highly qualified IT Security Specialist to contribute to a significant application and infrastructure modernization initiative. This role entails meticulously evaluating key documentation, pinpointing potential security vulnerabilities, and aiding in the formulation of robust mitigation strategies to ensure adherence to security and privacy standards. The ideal candidate will possess extensive expertise in cloud security, risk management, and conducting system security assessments.
Key Responsibilities
- Plan, implement, upgrade, and monitor security protocols to safeguard computer networks and sensitive information.
- Continuously evaluate development processes and propose enhancements to reinforce security measures.
- Collaborate with the Information System Security Officer (ISSO) to manage system security plans, ensuring systems achieve and maintain authorization to operate (ATO), while supporting the Assessment and Authorization (A&A) process.
- Guarantee security compliance for applications and systems operating within cloud environments (AWS, Azure, Google Cloud, etc.).
- Supervise the security program for applications and systems by adhering to guidelines such as MARS-E, NIST, and HIPAA.
- Coordinate with Operations & Maintenance (O&M) and Infrastructure teams to verify software is current and aligns with InfoSec policies.
- Engage with developers, engineers, and other team members to fulfill security requirements while minimizing project interruptions.
- Collaborate with teams to establish automated Disaster Recovery solutions that include alerting, notifications, data backup, and recovery processes.
- Assist in the development of security event logging and monitoring procedures.
- Conduct internal security control assessments to confirm compliance with regulatory and technical standards.
- Monitor and track remediation efforts for audit findings through Plans of Action and Milestones (POA&Ms) and Corrective Action Plans (CAPs).
- Ensure the implementation of appropriate security controls to protect sensitive data and infrastructure.
Qualifications
- Minimum of 5 years’ experience in IT security or related disciplines.
- 5 years of experience ensuring security compliance for cloud applications (AWS, Azure, Google Cloud).
- 5 years' experience in updating and maintaining system security plans (SSP/SSPP).
- 5 years of experience in supporting infrastructure assets and services, with a comprehensive understanding of NIST 800-53.
- Proven experience in providing security engineering assessments and recommendations.
- Familiarity with Agile environments and experience working within large, cross-functional teams.
- At least 5 years of experience as an ISSO and in working under an ATO.
- In-depth understanding of security architecture, with experience in TOGAF and MITA.
- Demonstrated experience in risk management, vulnerability assessments, and security compliance documentation.
- Experience reviewing security-related documents such as Business Continuity Plans and Disaster Recovery Testing Plans.
- Knowledge of emerging information security technologies and privacy methodologies.
- Bachelor's degree in Computer Science, Management Information Systems, or a closely related field.
- Familiarity with security tools such as NESSUS and NMAP.
- Experience in DevSecOps engineering.
This role presents a valuable opportunity for professional advancement in the fields of security compliance, risk management, and cloud security—areas that are increasingly vital in today's technology landscape. We encourage our employees to continuously enhance their skills and adapt to the latest in security technologies.
Company Culture And Values
Join a dynamic team that values collaboration, proactive problem-solving, and a commitment to excellence in security practices. We foster an inclusive work environment where every team member’s contributions are valued, and we encourage ongoing learning and development.
Networking And Professional Opportunities
Be part of a prestigious organization where you will have the chance to expand your professional network and collaborate with top-tier talent in the industry.
Compensation And Benefits
- Competitive salary commensurate with experience.
- Comprehensive health, dental, and vision insurance options.
- Retirement savings plan with company matching contributions.
- Generous paid time off policy.
- Flexible working hours.
Employment Type: Full-Time