Information Security Risk Specialist

Description

Position Title: Information Security Risk Specialist 

As an information security risk specialist on our team, you'll use your experience to work with the VA to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You'll review technical, environmental, and personnel details from SMEs to assess the entire threat landscape. Then, you'll guide your client through a plan of action with presentations, white papers, and milestones. You'll work with your client to translate security concepts, so they can make the best decisions to secure their critical infrastructure. This is your opportunity to act as an information security subject matter expert while broadening your skills in data science. Join us as we protect our nation's cyber infrastructure.

You Have:           

• Experience with Cybersecurity, risk management, or risk assessment for complex systems
• Experience with NIST SP 800 series publications 
• Experience with risk analysis, data analytics, and visualizations
• Understanding of elements of risk to include:  vulnerability, threat, likelihood, impact, mitigation, and remediation
• Experience working with tight deadlines
• Experience with Governance, Risk, and Compliance (GRC) such as eMASS
• Ability to engage directly with clients, and third parties to facilitate enterprise risk analysis
• HS diploma or GED and 18 years of experience with systems security engineering or BS degree in CS, IT or Engineering and 10 years of experience with systems security engineering

Nice If You Have:

• Experience with tools such as Nessus, BigFix, Red Seal, RSA Archer, SCCM, Elastic, CDM
• Experience with Assessment and Authorization (A&A)
• Experience with the MITRE ATT&CK framework
• Experience with advanced Excel skills such as Power Query
• Experience with NIST SP 800-53, 39, 37, 30
• CompTIA Security or Certified Risk Management Professional (CRISC) or Certified in Risk and Information Systems Control (CRISC)
• Public Trust clearance

Requirements

- Bachelors in computer science, electronics engineering or other engineering or technical discipline is required.

- 10 years of experience

- IT experience with Cyber Security Policy and threat mitigation. Must be well versed in Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks.  Must have familiarity and experience in the implementation of cyber security regulations.