In order to apply for this or any other job you will need to log in.
Dynetics, a wholly owned subsidiary of Leidos, is seeking an Information Technology (IT) Security Compliance Specialist to join a diverse and highly skilled team. The candidate will provide support for proposing, coordinating, implementing and enforcing information and information systems security policies, standards and methodologies.
The candidate will help maintain the operational security posture for the IT team and assigned programs to ensure information systems security policies, standards and procedures are established and followed. Candidate will assist with the implementation and management of security aspects of assigned information systems and perform day-to-day security operations for those systems.
The IT Security Compliance Specialist helps evaluate security solutions to ensure they meet security requirements for processing information and performs risk assessment analysis to support IT projects and security assessment and authorization activities. The candidate prepares and reviews documentation to include System Security Management Plans, System Security Plans (SSPs), Security Assessment Reports (SARs), Remediation and Mitigation Plans, Plan of Action and Milestones (POA&Ms), accreditation packages and other documents as required, and leads projects associated with regulatory compliance, risk management and the implementation of methodologies to achieve such goals.IND3
Candidate must possess a Bachelor’s Degree in Information Technology, MIS or a related field with at least 2 years of relevant experience in Information Assurance (IA), with an emphasis on compliance.
Candidate must be moderately familiar with at least one of the following regulations, standards, or models: NIST SP 800-53, NIST SP 800-171, NIST SP 800-172, DFARS 252.204-7012, or the Cybersecurity Maturity Model Certification (CMMC).
Candidates must have experience creating or contributing to documentation in one of the following areas: System Security Management Plans, System Security Plans (SSPs), Security Assessment Reports (SARs), Remediation and Mitigation Plans, or Plan of Actions and Milestones (PoA&Ms).
Candidates must have a strong technical understanding of information and information systems security, as well as experience in implementing and managing IT security solutions.
Knowledge of computer and network vulnerabilities, plus the ability to correlate test data and provide value-added participation during risk assessments and mitigation recommendations is required.
Candidates must have demonstrated ability to interpret technical data and generate compliance documentation.
Remote work is available
***Candidates must be willing to complete one of the following professional certifications within information security (e.g., CASP+, CISA, CISSP, GCIH, or GCED) and relevant computing environments within 12 months from date of hire to meet training requirements. ***
Candidate must be a U.S. citizen.
A Master's degree in the same or related fields would be a plus.
Familiarity with the NIST Risk Management Framework, FIPS, FISMA, etc. is highly desired.
Familiarity with SCAP, CIS Benchmarks, and DISA STIGs would be a plus.
Ability to develop security plans and create professional level documentation is highly desired.
Experience with programming, databases, training and user education is a plus.
A customer service mentality and ability to function in a fast-paced, people-oriented environment is highly preferred.
Candidate must be a US Citizen and possess (and be able to maintain) a Final Secret Clearance or meet the eligibility to obtain (and maintain) a Secret Clearance.