The IT Security Specialist job with TekSynap in Silver Spring, Maryland is a critical position responsible for ensuring the security of information systems and data. The specialist must have a deep knowledge of federal regulations and standards, such as the Federal Information Security Management Act (FISMA) and National Institute of Standards and Technology (NIST) Security Publications. Responsibilities include conducting security assessments, developing system requirements, preparing security plans, and identifying and resolving security violations. Additionally, the specialist will collaborate with the NMFS Information Security program to implement risk management strategies and update internal processes and procedures. This is an excellent opportunity for an experienced IT professional who wants to make a significant impact in ensuring the security of vital systems and information.
Read more about the Job you will love
Responsibilities & Qualifications
Demonstrated knowledge of Federal regulations and standards
The IT Security Specialist should have a solid understanding of Federal regulations and standards, including the Federal Information Security Management Act (FISMA) and Security Publication 800-53. They should be familiar with the standards and guidance published by the National Institute of Standards and Technology (NIST) Security Publications. This knowledge is important in ensuring that the organization complies with all relevant regulations and standards.
Experience with conducting security assessments
The IT Security Specialist should have experience in conducting security assessments. This includes assessing the security of systems, identifying vulnerabilities and weaknesses, and making recommendations for improvements. This experience is crucial in identifying and addressing any potential security risks to the organization’s information systems.
Assists in the maintenance of systems to protect data from unauthorized users
One of the responsibilities of the IT Security Specialist is to assist in maintaining systems that protect data from unauthorized users. This includes implementing and managing access control mechanisms, such as authentication and authorization processes, to ensure that only authorized individuals can access sensitive information. It also involves monitoring system logs for any suspicious activities and taking appropriate actions to mitigate any potential risks.
Identifies, reports, and resolves security violations
The IT Security Specialist is responsible for identifying, reporting, and resolving security violations. This includes monitoring systems for any unauthorized access attempts or breaches, as well as conducting investigations into any potential security incidents. They should have the knowledge and skills to assess the impact of security violations and take appropriate actions to resolve them, such as implementing necessary remediation measures.
IT security expertise to implement the NMFS IT Security Risk Management Program
The IT Security Specialist should have expertise in IT security to implement the NMFS IT Security Risk Management Program. This program aims to identify and mitigate risks to the organization’s information systems. The specialist should be knowledgeable in risk assessment methodologies and be able to recommend, advise, and implement strategies to manage and mitigate the identified risks.
Recommend, advise and implement strategies to manage and mitigate the identified risks
The IT Security Specialist should be able to recommend, advise, and implement strategies to manage and mitigate the identified risks. This involves collaborating with stakeholders to understand their risk tolerance and developing appropriate risk management strategies. They should also have the skills to communicate these strategies effectively to ensure that all parties involved understand and can implement them.
Create a plan for updating documents with the list of documents needing updates
The IT Security Specialist should create a plan for updating documents with the list of documents needing updates. This includes identifying outdated documents and determining the necessary revisions to align them with current standards and regulations. They should also coordinate with relevant stakeholders to ensure that the updated documents are accurate and comprehensive.
Upload and publish new documents in the IT Security Program website
As part of their responsibilities, the IT Security Specialist should upload and publish new documents in the IT Security Program website. This includes ensuring that the documents are formatted correctly and easily accessible to authorized individuals. They should also ensure that the documents are regularly updated to reflect any changes in regulations or standards.
Integrate overall risk to make a risk determination
The IT Security Specialist should have the ability to integrate overall risk to make risk determinations. This involves analyzing various risks and their potential impacts on the organization’s information systems. They should be able to prioritize risks based on their likelihood and impact, and make informed decisions regarding risk mitigation strategies.
Create strategies to decrease risk
One of the key responsibilities of the IT Security Specialist is to create strategies to decrease risk. This includes identifying areas of vulnerability and implementing appropriate controls and safeguards to mitigate these risks. They should also regularly review and update these strategies to ensure their effectiveness and alignment with the organization’s risk appetite.
Communicate risk and track risk mitigation status
The IT Security Specialist should be able to effectively communicate risk and track the status of risk mitigation efforts. This includes preparing comprehensive reports and presentations to communicate the potential risks to stakeholders. They should also keep track of the progress and effectiveness of risk mitigation activities and make necessary adjustments as needed.
Develop a plan for migration to NIST 800-53 rev. 5 to implementation across the enterprise
The IT Security Specialist should develop a plan for migrating to NIST 800-53 rev. 5 across the enterprise. This involves reviewing the existing systems, processes, and controls and identifying any gaps or misalignments with the new standard. They should then develop a comprehensive plan to ensure a smooth transition to the updated standard.
Provide support to the NMFS Information Security program
As part of their responsibilities, the IT Security Specialist should provide support to the NMFS Information Security program. This includes assisting in developing and implementing security strategies, conducting security assessments, and supporting the continuous monitoring of information security activities. They should also collaborate with other team members to ensure the effective implementation of the program.
Review DOC, NOAA controls and security policies
The IT Security Specialist should review the Department of Commerce (DOC) and National Oceanic and Atmospheric Administration (NOAA) controls and security policies. This includes assessing the effectiveness of these controls and policies in mitigating risks and addressing vulnerabilities. They should also provide recommendations for any necessary updates or improvements.
Update Fisheries Common Controls
The IT Security Specialist should update the Fisheries Common Controls. This involves reviewing the existing controls and identifying any gaps or areas for improvement. They should then update the controls to align with current standards and best practices in order to enhance the security posture of the organization.
Update existing processes to meet rev 5 requirements for each control family of controls
As part of their responsibilities, the IT Security Specialist should update existing processes to meet the requirements of rev 5 for each control family of controls. This includes reviewing the current processes and identifying any necessary revisions or updates. They should then implement these updates to ensure compliance with the updated standards.
REQUIRED QUALIFICATIONS
To be eligible for the role of IT Security Specialist, candidates must meet the following qualifications:
- Possess a BA from an accredited college/university in a related field.
- Have at least 3 years’ experience within an organization’s IT Network.
- Possess at least one security certification such as Certified Information Systems Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacking (CEH), or equivalent.
Overview
We are seeking an IT Security Specialist to join our team supporting National Marine Fisheries Service IT Security in Silver Spring, MD. TekSynap is a fast-growing high-tech company that understands the pace of technology and the need for a well-planned information management environment. As an employer, we offer a competitive benefits package to our full-time employees, including health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time, and holidays. For more information about our company, visit our website at www.TekSynap.com. If you are interested in exploring job opportunities with us, please apply now.
The safety and health of our employees is of utmost importance. To ensure compliance with any vaccination requirements mandated by contract, applicable law, or regulation, all employees are required to comply. By applying for a role at TekSynap, you are consenting to receive text messages regarding your interview and employment status. If at any time you wish to opt out of text messaging, simply respond “STOP”.
Read more about the Job you will love
Work Environment and Physical Demands
The IT Security Specialist will primarily work in an office environment in Silver Spring, MD. However, depending on client requirements, remote work may be possible. The noise level in the office is generally low. The work schedule is typically a day shift from Monday to Friday, but there may be occasional evening and weekend work to meet program and contract needs. Travel is expected to be less than 10%.
Regarding physical demands, the IT Security Specialist will be required to use their hands for handling, feeling, and touch, as well as reach with their hands and arms. They should be able to communicate effectively by talking and hearing. While standing, walking, sitting, climbing, balancing, stooping, kneeling, crouching, or crawling may be necessary at times. Depending on the situation, the specialist may be required to lift up to 10 pounds, 25 pounds, or even 50 pounds. Good vision, including close vision, distance vision, peripheral vision, and depth perception, is essential, as well as the ability to adjust focus.
Work Authorization/Security Clearance
Candidates for the role of IT Security Specialist must be citizens of the United States. Additionally, a Public Trust clearance is required for this position.
Other Duties
Please note that the job description outlined above may not cover or contain a comprehensive listing of all the activities, duties, or responsibilities required of the IT Security Specialist. Duties, responsibilities, and activities may change at any time with or without notice.
Equal Employment Opportunity
TekSynap is committed to providing equal employment and advancement opportunities to all individuals. Employment decisions will be based on merit, qualifications, and abilities. We do not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information, or any other characteristic protected by law. This nondiscrimination policy extends to all terms, conditions, and privileges of employment, as well as the use of all company facilities and participation in company-sponsored activities. Employment actions, such as promotions, compensation, benefits, and termination of employment, are also subject to this policy.
TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you require a reasonable accommodation to search for a job opening or to submit an application, please contact hr@teksynap.com for assistance.
