Job Number: R0065109
Client Delivery Information Security Specialist
Maintain responsibility for analyzing information security requirements within government, including DoD and civilian agencies, and commercial healthcare and finance contracts, and provide guidance on risk identification and mitigation for those requirements. Research, evaluate, recommend, and communicate information security best practices for on-premises and Cloud networks. Define, enforce, communicate, and support information security policies or security plans for data, Internet, software applications, hardware, telecommunications, and computer installations. Contribute to the development of innovative principles and ideas, including workflow automation and process improvement. Tackle unusually complex problems and provide highly creative Cybersecurity solutions. Perform as an advanced consultant with the capability and knowledge to excel at client delivery and develop expertise in a specific Cybersecurity area. Take a leadership role in generating intellectual capital to help the firm grow its business.
- 5+ years of experience in an information security field
- Experience in contract review, modification, and writing to identify Cybersecurity risks associated with federal government, including DoD and civilian, commercial, and international contracts and providing solutions to mitigate those risks
- Knowledge of security processes, best practices, and technical security implementation across various network types, including physical and Cloud environments
- Knowledge of current security standards, including NIST 800-53, NIST 800-171, FISMA, FedRAMP, SOC, ISO27001, HIPAA, DoD RMF and SRG, best practices control families, and implementation
- Ability to lead security review projects and translate security requirements into real world technical implementation
- Ability to support the documentation and communication of security requirements for client-facing project teams according to client team-specified response windows
- BA or BS degree
- Experience with Certification and Accreditation (C&A), Continuous Diagnostics and Mitigation (CDM), Risk Management Framework, Vulnerability Management, and Plan of Action and Milestone (POA&M) management
- GSEC, Sec+, CISSP, or CISM Certification
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.