What are the responsibilities and job description for the Remote IT Security Specialist - Cloud Compliance Expert position at Get It - Professional Services?
Job Overview
We are in search of an experienced IT Security Specialist to join our team in a remote capacity, focusing on supporting and evaluating security requirements for a significant application and infrastructure modernization initiative. This pivotal role encompasses the examination of crucial documentation, identification of potential security vulnerabilities, and contribution to the formulation of effective mitigation strategies aimed at ensuring adherence to security and privacy standards. The ideal candidate will possess a robust background in cloud security, risk management, and system security assessments.
Key Responsibilities
- Develop, implement, enhance, and oversee security protocols to safeguard computer networks and sensitive information.
- Conduct ongoing evaluations of development processes, proposing enhancements to fortify security measures.
- Assist the Information System Security Officer (ISSO) in managing system security plans, ensuring systems achieve and maintain authorization to operate (ATO), and supporting activities linked to the Assessment and Authorization (A&A) process.
- Ensure compliance with security standards for applications and systems operating within cloud environments (AWS, Azure, Google Cloud, etc.).
- Direct the security program for applications and systems, following guidelines such as MARS-E, NIST, and HIPAA.
- Collaborate with Operations & Maintenance (O&M) and Infrastructure teams to ensure software is current and adheres to InfoSec policies.
- Work alongside developers, engineers, and other colleagues to fulfill security requirements while minimizing project delays.
- Partner with teams to implement automated Disaster Recovery solutions, which include alerting, notifications, data backup, and recovery processes.
- Contribute to the establishment of security event logging and monitoring procedures.
- Conduct internal assessments of security controls to verify compliance with regulations and technical standards.
- Monitor and track remediation efforts for audit findings through Plans of Actions and Milestones (POA&Ms) and Corrective Action Plans (CAPs).
- Ensure that appropriate security controls are established to protect sensitive data and infrastructure.
- A minimum of 5 years of experience in IT security or related fields.
- 5 years of experience providing security compliance for cloud applications (AWS, Azure, Google Cloud).
- 5 years of experience in maintaining and updating system security plans (SSP/SSPP).
- 5 years of experience supporting infrastructure assets and services, with knowledge of NIST 800-53.
- Proven experience in security engineering reviews and recommendations.
- Familiarity with Agile environments and experience working with large, cross-functional teams.
- At least 5 years of experience as an ISSO and operating under an ATO.
- Strong comprehension of security architecture, including exposure to TOGAF and MITA.
- Experience in risk management, vulnerability assessments, and security compliance documentation.
- Competence in reviewing RFPs, MOUs, and disaster recovery plans for security requirements.
- Experience reviewing security-related documents, including Business Continuity Plans and Disaster Recovery Testing Plans.
- Knowledge of emerging information security technologies and privacy methodologies.
- A Bachelor’s degree in Computer Science, Management Information Systems, or a related field.
- Familiarity with security tools such as NESSUS and NMAP.
- Experience in DevSecOps engineering.
Employment Type: Full-Time