Position Title: Cyber Security Specialist
Location: Raleigh, NC 27607
Clearance Required: Public Trust or higher
Position Status: 6 month contract-to-hire
Compensation: Extremely competitive
Shift: Monday - Friday (8am to 5pm)
Job Description:
- ISSO Cloud SME
- Provides Cloud Security Architecture and Compliance expertise for the U.S. Postal Service.
- Works closely with Account Security Officer (ASO), Segment Security Officers (SSO) and Cloud Service Providers (CSP) to ensure FedRAMP compliance.
- Provides Cloud Computing Migration Assessments and Accreditations Services (A&A) for Software (SaaS), Infrastructure (IaaS), and Platforms (PaaS) using Federal Risk and Authorization Management Program (FedRAMP) compliant criteria.
- Works closely with Account Security Officer (ASO) and Segment Security Officers (SSO) to ensure operational security measures are implemented.
- Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.
- Reviews and continuously monitors implemented security controls.
- Creates and maintains security checklists, templates and other tools to aid in the A&A process.
- Performs security control assessments using NIST 800-53A guidance and in accordance with continuous monitoring requirements.
- Performs risk analyses to determine and recommend essential safeguards.
- Proactively mitigates system vulnerabilities and recommends compensating controls.
- Prepares security authorization packages in accordance with the client's contractual requirements.
- Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
- Monitors and maintains client-specific Plan of Action and Milestones and supports remediation activities.
- Monitors and maintains an inventory of hardware and software for the information system.
- Monitors, develops, tests and trains on Contingency and Incident Response planning.
- Conducts and reviews independent application, network and database scans with the Program Team, and utilizes Managed Security Services Vulnerability Assessment Team (VAT) support as applicable.
Requirements:
- 10+ years’ experience working as an Information Assurance Analyst for an information technology, information assurance, or information management program
- One of the following certifications required: CompTIA Security+, CPTE or CEH
- Must have an active Public Trust clearance or higher
Education:
- Must possess, at minimum, a Bachelor’s Degree (or a Master’s Degree, PhD or JD) in a technical specialty such as cyber security, computer science, management information systems or a related IT field (Master’s Degree preferred)