The IT Computer Security Systems Specialist is part of a team of senior security engineers and subject matter experts in the design, documentation, and preliminary implementation of our client’s integrated IT Security Architecture. Under the general guidance of the Task Area Lead and/or a Senior IT Security Subject Matter Expert, successful candidates will work independently, or as a member of a small group, to produce cutting edge IT security-related solutions utilizing some or all of the following knowledge areas: Cloud computing, with emphasis on AWS; Information system privacy; Security engineering; IT Security analysis; IT Security architecture; IT Security industry standards and trends; and performance management.
Essential Functions / Responsibilities:
- Act as a member of a team of IT system security experts to delivery actionable IT security solutions and recommendations
- Design of a unifying “Build-in” Security Model, an IT Risk Management Framework, and a Privacy & Security Reference Model.
- Plan, track, deliver, and report on multiple high-priority Security Architecture sub-tasks
- Design related security management and automated security testing processes in an agile software development environment
- Implement quality assurance and control procedures to ensure adherence of deliverables to client requirements
- Designing related security management processes
- Visit the client site (Baltimore, MD) one to two times per week.
Minimum Education, Experience, and Skill Requirements:
- Able to obtain a Public Trust Clearance
- Bachelor’s degree in Computer Science, Engineering, or related field or equivalent experience.
- 6 years of experience in development of IT System Security Architecture development with a minimum of 2 years of direct experience in IT systems engineering/development.
- Good understanding of NIST ‘s Cybersecurity Framework 1.0 along with familiarity with version 1.1, NIST Risk Management Framework (RMF), and/or FedRAMP – (Federal Risk and Authorization Management Program), a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
- Proficient in the use of the suite of Microsoft products including Word, Excel, Visio, Outlook, PowerPoint.
- Excellent verbal and written communication skills including experience with public speaking.
- Proven ability to work effectively, both independently and as a member of small teams, to develop Security Architecture frameworks, models, and solutions.
- Proven experience completing multiple high-priority assignments at the same time
- Focused on the outcome, not just the specific tasks.
- Ability to learn and apply new technologies, skills or concepts easily and with self-motivated initiatives.
Preferred Education, Experience, and Skill Requirements:
- Certified Information Systems Security Professional (CISSP), with additional concentration/specialization in Security Engineering (ISSEP) or Security Architecture (ISSAP)
- Experience in application of the National Institute of Standards and Technology (NIST):
- SP 800 Series guidelines and procedures
- NIST ‘s Cybersecurity Framework 1.0 and familiarity with version 1.1,
- NIST Risk Management Framework (RMF)
- Experience in application of the FedRAMP – (Federal Risk and Authorization Management Program) approach to security assessment, authorization, and continuous monitoring for cloud products and services
- Experience implementing software security in an Agile project management environment, particularly with experience in a DevOps software development and delivery process environment
- Experience working with the following technologies: Splunk, Jira and Confluence
WiredPeople provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, WiredPeople complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.