Senior Information Systems Security Officer
$108,000 - $155,000/Yr
Dev Technology Group
posted about 2 months ago
Full-time - Mid Level
Remote
Professional, Scientific, and Technical Services
About the position
The Senior Information Security Specialist at Dev Technology Group plays a crucial role in ensuring the security of applications deployed in AWS. This position involves coordinating IT security regulations, ensuring compliance with policies, preparing security documentation, and advising on processes aligned with the Risk Management Framework. The ideal candidate will have extensive experience in securing government IT systems and will work collaboratively with various teams to enhance security measures and address vulnerabilities.
Responsibilities
- Coordinate information technology security regulations and requirements.
- Ensure compliance with all policies and best practices.
- Prepare and maintain security documentation, including Security Plan and Contingency Plan.
- Identify and address weaknesses, vulnerabilities, and findings.
- Prepare Plans of Action and Milestones (POA&Ms), waivers, and accepted risk processes as necessary.
- Conduct interviews and tabletop exercises to ensure implementation of security measures.
- Advise on processes that align with the Risk Management Framework.
- Conduct annual Contingency Plan Testing.
- Develop and implement security controls based on FISMA and NIST 800-53 guidelines.
- Coordinate with IT leads from partner agencies to identify collaboration opportunities.
- Report IT security incidents in accordance with established procedures.
- Provide development teams with weekly security reports.
- Develop and implement Authority to Operate.
- Conduct IT audits and assess information systems and network connections security.
- Provide security guidance and interpret security policy for project development teams.
Requirements
- Bachelor's Degree required.
- At least 7 years of experience securing government IT systems.
- Strong working knowledge of the Risk Management Framework (RMF).
- Experience providing security guidance to systems deployed in AWS.
- Ability to work in a collaborative environment and manage individual tasks.
- Demonstrates understanding of technical components of an information system environment.
- Outstanding communication skills, both written and oral.
Nice-to-haves
- Experience working on ISAs, PKI, security plans, and audits.
- One security certification (Security+, CISSP, GIAC, CISM) preferred.
Benefits
- Generous and flexible time-off policy.
- Flexible work schedules and telework options.
- Career development opportunities including mentorship and training.
- Tuition reimbursement and paid training opportunities.
- Industry-leading benefits including health plans with dental and vision.
- Flexible spending account and commuter benefits.
- Life insurance and 401(k) matching with immediate vesting.
- End of year profit sharing.
- Regular team and company social events.
- Focus on community engagement and employer match for donations.
