What are the responsibilities and job description for the Remote IT Security Specialist - WFH position at Get It - Professional Services?
Job Overview
We are looking for a highly skilled IT Security Specialist to play a pivotal role in supporting and evaluating security requirements for a significant application and infrastructure modernization initiative. This position entails a thorough review of essential documentation, identification of potential security vulnerabilities, and collaboration in the formulation of robust mitigation strategies to guarantee compliance with established security and privacy standards. The successful applicant will possess a solid foundation in cloud security, risk management, and system security evaluations.
Employment Type: Full-Time
Key Responsibilities
- Strategically plan, implement, upgrade, and oversee security measures to safeguard computer networks and sensitive information.
- Continuously evaluate development methodologies and propose enhancements to strengthen security protocols.
- Assist the Information System Security Officer (ISSO) in managing comprehensive system security plans, ensuring that systems secure and maintain authorization to operate (ATO), including supporting the Assessment and Authorization (A&A) processes.
- Ensure compliance with security policies for applications and systems hosted in cloud environments (e.g., AWS, Azure, Google Cloud).
- Direct the security program for applications and systems, adhering to standards such as MARS-E, NIST, and HIPAA.
- Collaborate with Operations & Maintenance (O&M) and Infrastructure teams to ensure that software remains current and compliant with Information Security policies.
- Work alongside developers, engineers, and various team members to fulfill security requirements while minimizing potential project delays.
- Partner with teams to implement automated Disaster Recovery solutions, including alerting, notifications, data backup, and recovery processes.
- Contribute to the development of security event logging and monitoring frameworks.
- Conduct internal assessments of security controls to ensure compliance with relevant regulations and technical standards.
- Monitor and manage remediation efforts for audit findings through Plans of Actions and Milestones (POA&Ms) and Corrective Action Plans (CAPs).
- Ensure that adequate security controls are established to protect sensitive data and infrastructure.
Qualifications
- A minimum of 5 years of experience in IT security or closely related fields.
- At least 5 years of experience delivering security compliance for cloud applications (AWS, Azure, Google Cloud).
- 5 years of experience maintaining and updating system security plans (SSP/SSPP).
- Minimum of 5 years supporting infrastructure assets and services, with familiarity with NIST 800-53.
- Background in conducting security engineering reviews and providing recommendations.
- Experience in Agile environments, collaborating with large, cross-functional teams.
- At least 5 years of experience as an ISSO, including work under an ATO.
- Strong knowledge of security architecture, with experience in TOGAF and MITA frameworks.
- Proven experience in risk management, vulnerability assessments, and maintaining security compliance documentation.
- Expertise in reviewing RFPs, MOUs, and disaster recovery plans for security considerations.
- Experience in evaluating security-related documents such as Business Continuity Plans and Disaster Recovery Testing Plans.