IT Security Specialist III at GAMA-Technologies Silver , MD

IT Security Specialist III job at GAMA-1 Technologies. Silver Spring, MD.
Summary
GAMA-1 Technologies, LLC seeks an experienced IT Security Specialist III to strengthen program efficiency, effectiveness, and consistency through timely, high-quality security assessments for all High and Moderate systems under the Risk Management Framework (RMF) in a telework environment . The specialist will plan, implement, upgrade, and monitor security measures to protect networks, systems, and information assets. Key responsibilities include assessing system vulnerabilities, identifying and mitigating security risks, and ensuring appropriate controls are in place to safeguard digital assets and critical infrastructure.

The role may also involve responding to security incidents, breaches, and malware threats to maintain a secure operating environment.
Supervisory Responsibilities

• No

• Review all relevant security documentation for the system to be assessed.
• Review system-developed core security documentation.
• Document computersecurityand emergency measures policies, procedures, and tests.
• Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities andsecuritymeasures.
• Perform a thorough, accurate, and effective evaluation of the systems security controls.
• Provide technical security expertise on network defense, endpoint security, cloud security, and identity/access management.
• Develop high quality security authorization package documentation.
• Develop and maintain sound IT security policies, procedures, templates, and checklists for assessments.
• Collaborate with program managers, developers, and infrastructure teams to embed security throughout the system lifecycle.
• Train and mentor junior staff in cybersecurity best practices and federal compliance requirements.

• Ensure adherence to organizational information security policies and procedures; actively participate in mandatory security awareness training; and manage confidential and sensitive information in accordance with company protocols and data protection standards.

• Bachelor’s degree in Engineering, Information Technology, Business, or a related field (or equivalent work experience).
• 4-8 of experience in IT security, with at least 3 years supporting federal government systems.
• Knowledge of IT security policies and implementation standards, and comprehensive understanding of NIST guidance to include, but not limited to, NIST Special Publications and Federal Information Processing Standards
• Proficiency in applying IT security concepts, methodologies, principles, procedures and using industry-standard IT security tools
• Proficiency with enterprise architecture methodologies, concepts, procedures, principles, and tools
• Ability to facilitate effective communications between federal clients, system personnel, and the assessment team
• Familiarity with various scanning and monitoring tools
• Familiarity with security assessments in a cloud environment
• Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project)
• Knowledgeable in penetration testing
• Strong verbal and written communication skills
• Must be organized, timely, and customer service oriented
• Ability to work well independently and in a team setting
• Adaptability, flexibility, and ability to deal with ambiguity and change
• Experience with NIST SP 800-37 Risk Management Framework, NIST 800-53 REV 5 and FISMA A&A continuous monitoring
• Experienced with Security Repository Tools such as Cyber Security Assessment and Management (CSAM)

• Relevant professional certifications: CISSP, CEH, CISM, CCSP, CISA, CompTIA Security+
• Additional industry certifications…