Job Summary:
We are looking for an experienced and dedicated Information Assurance Specialist, Level 2, to join our security team. The ideal candidate will have a strong background in cybersecurity, risk management, and compliance. As a specialist, you will play a key role in safeguarding our organization's information assets and ensuring compliance with security policies and regulations.
Key Responsibilities:
Security Monitoring and Analysis: Continuously monitor security alerts and incidents. Analyze and respond to security threats and vulnerabilities in a timely manner.
Risk Assessment: Conduct regular risk assessments to identify potential security risks. Develop and implement mitigation strategies to address identified risks.
Incident Response: Manage and respond to security incidents, including data breaches and malware infections. Conduct root cause analysis and implement corrective actions.
Compliance: Ensure compliance with relevant security standards, regulations, and policies (e.g., ISO 27001, NIST, GDPR). Participate in audits and assessments to demonstrate compliance.
Security Policies and Procedures: Develop, update, and enforce security policies and procedures. Ensure that all employees are aware of and adhere to security guidelines.
Vulnerability Management: Perform regular vulnerability assessments and penetration testing. Remediate identified vulnerabilities in collaboration with IT and development teams.
Training and Awareness: Conduct security training and awareness programs for employees. Promote a culture of security within the organization.
Access Control: Manage and monitor access control systems to ensure that only authorized individuals have access to sensitive information.
Security Projects: Participate in security-related projects, such as the implementation of new security technologies and the development of disaster recovery plans.
Documentation: Maintain comprehensive documentation of security incidents, risk assessments, and compliance activities. Ensure documentation is accurate and up to date.
Continuous Improvement: Stay current with emerging security threats and trends. Continuously evaluate and improve the organization's security posture.
Qualifications:
Education: Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are highly desirable.
Experience: Minimum of 3-5 years of experience in information security or a related field, with at least 2 years in a Level 2 capacity.
Technical Skills: Proficient in security technologies and tools, such as SIEM, IDS/IPS, firewalls, and encryption. Strong knowledge of network security, application security, and cloud security. Must also know the A&A process, NIST 800-53 MMM Systems, BigFix, and MS Azure.
Analytical Skills: Strong analytical and problem-solving skills. Ability to assess complex security issues and develop effective solutions.
Communication: Excellent verbal and written communication skills. Ability to communicate security concepts to technical and non-technical audiences.
Attention to Detail: Strong attention to detail with the ability to manage multiple tasks and priorities.
Team Player: Ability to work effectively in a team environment and collaborate with colleagues across the organization.
Ethical Mindset: High ethical standards and integrity. Commitment to protecting sensitive information and maintaining confidentiality.
Adaptability: Ability to adapt to changing security landscapes and emerging threats.
Job Types: Full-time, Contract
Pay: $50,000.00 - $80,000.00 per year
Benefits:
- 401(k) matching
- Health insurance
- Paid time off
Schedule:
- 8-hour shift
- Monday to Friday
Ability to Relocate:
- Bethesda, MD: Relocate before starting work (Required)
Work Location: In person