Remote IT Security Specialist - WFH Opportunity

Position: IT Security Specialist - Remote / Work From Home

Overview

We are in search of an accomplished IT Security Specialist to lend expertise in evaluating and supporting security requirements for a significant application and infrastructure modernization initiative. This pivotal role entails examining critical documentation, pinpointing potential security vulnerabilities, and aiding in the formulation of robust mitigation strategies to ensure adherence to security and privacy regulations. The ideal candidate will possess extensive experience in cloud security, risk management, and system security evaluations.

Key Responsibilities

• Develop, implement, upgrade, and monitor security protocols to safeguard computer networks and information.
• Conduct ongoing assessments of development processes and recommend enhancements to bolster security.
• Collaborate with the Information System Security Officer (ISSO) to manage system security plans, ensuring that systems receive and maintain authorization to operate (ATO).
• Guarantee security compliance for applications and systems across cloud platforms such as AWS, Azure, and Google Cloud.
• Oversee the security framework for applications and systems, adhering to standards such as MARS-E, NIST, and HIPAA.
• Work in conjunction with Operations and Maintenance (O&M) and Infrastructure teams to guarantee software is current and aligns with InfoSec policies.
• Partner with developers, engineers, and other stakeholders to fulfill security demands while mitigating project delays.
• Collaborate on the implementation of automated Disaster Recovery solutions, which include alerting, notifications, data backup, and recovery processes.
• Assist in developing security event logging and monitoring frameworks.
• Conduct internal audits of security controls to verify compliance with regulations and technical standards.
• Monitor and track remediation efforts for audit discrepancies through Plans of Actions and Milestones (POA&Ms) and Corrective Action Plans (CAPs).
• Ensure appropriate security measures are in place to protect sensitive data and infrastructure.
  
  

Required Qualifications

• A minimum of 5 years of experience in IT security or associated fields.
• At least 5 years of experience ensuring security compliance for cloud applications (AWS, Azure, Google Cloud).
• A minimum of 5 years of experience in the maintenance and updating of system security plans (SSP/SSPP).
• Five years of experience supporting infrastructure assets and services, with a solid understanding of NIST 800-53.
• Proficiency in providing security engineering evaluations and recommendations.
• Experience collaborating in Agile environments and with large, cross-functional teams.
• Minimum 5 years of experience as an ISSO and in managing ATO processes.
• A strong grasp of security architecture, coupled with experience in TOGAF and MITA frameworks.
• Background in risk management, vulnerability assessments, and security compliance documentation.
• Experience in reviewing RFPs, MOUs, and disaster recovery strategies for security considerations.
• Familiarity with evaluating security-related documents such as Business Continuity Plans and Disaster Recovery Testing Plans.
  
  

Preferred Qualifications

• Familiarity with emerging information security technologies and privacy strategies.
• A Bachelor's degree in Computer Science, Management Information Systems, or a related discipline.
• Proficient with security tools like NESSUS and NMAP.
• Experience in DevSecOps engineering.
  
  

This position presents an exciting opportunity to leverage your security acumen in a dynamic and cooperative atmosphere. If you are dedicated to safeguarding intricate systems and thrive on tackling challenging problems, we invite you to apply.

Employment Type: Full-Time