ABILE GROUP, INC. Information Security Specialist - CMRM Salary in the United States

Overview

Abile Group has an exciting and challenging opportunity for an Information Security Specialist supporting an Intelligence Community Customer. 

The right candidate will possess the below skills and qualifications and be ready to handle all responsibilities independently and professionally.

Responsibilities

• We are seeking a talented, motivated Information Security Specialist who will ensure that the appropriate operational security posture is maintained for assigned information systems and as such, works in close collaboration with the Information System Security Manager (ISSM), the Chief Information Security Officer (CISO) staff, and the Information System Owner (ISO).
• You will ensure that cyber security requirements are effectively integrated into information systems' operations, management, and documentation.
• As an Information System Security Specialist, you will provide critical systems, application and infrastructure support to our Department of Defense customer.
• You have the opportunity to work with a team across multiple technical areas to include operations, engineering, security, and systems development.
• This is a great opportunity for technical and professional growth. 

• Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness and ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures

• Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter

• Create and maintain existing information system security documentation, including SSP, SCTM, and Security Configuration Guide

• Write implementation and design documents describing how security features are implemented

• Prepare system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions; track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance

• Create security policies and maintain existing information system security documentation

• Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package

• Work with the IA team to perform basic system administration and maintain various IA tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities

• Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes

• Conduct daily, weekly and monthly audit review and management of the audit collection system

• Continuously review and evaluate best practices for implementing a comprehensive audit program

• Implement vulnerability management programs, including tracking and addressing IAVAs and security patches, accessing applicability to existing systems, and ensuring closure

• Implement media control and data transfer policies

• Remain sensitive to security infractions and assist in security investigations and responses as requested

• Work on project teams responsible for engineering and packaging releases to integrate within the customer's production IT environment

• Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage

• Work in close coordination with the ISSM, you will play an active role in monitoring assigned systems and their environment of operation to include developing and maintaining the System Security Plan (SSP) and Security Controls Traceability Matrix (SCTM), managing and controlling changes to the system, and assessing the security impact of those changes.

• Update security relevant information utilizing Xacta.

   

Qualifications

Clearance Required: TS/SCI

Degree and Years of Experience: Bachelor’s degree or equivalent plus 4 years of experience

Required Certifications:

• Ability to obtain a DoD 8570.1 / DoD 8140.01 certification IAM level II or III; CAP, CASP, CISSP, or CISM within 120 days of employment

Required Skills:

• Experience with RMF, ICD 503, NIST SP800-53 or DCID 6/3; knowledge of current authorization practices, particularly within the DoD a plus.
• Some experience with security efforts related to modern Windows, Linux, UNIX, Cisco, SQL or Oracle databases, and virtual computing. This might also include some system administration work with an emphasis on security control implementation.
• Analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
• Communicate well, both orally and in writing

About Abile Group, Inc.

Abile Group, Inc. was formed in July 2004 to partner with the Intelligence Community and their Contractors in the areas of Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. We have significant experience with the Federal Government and are an EDWOSB dedicated to our employees and clients.  We are looking for high performing employees who enjoy providing advice and guidance along with solutions development and implementation support, crafted by combining industry best practices with the clients’ subject matter experience and Abile’s breadth of expertise. 

EEO Statement

Abile Group, Inc. is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, veteran status, disability, or national origin.