IT Security Compliance Specialist

IT Security Compliance Specialist (0036)

1 month ago - Be among the first 25 applicants.

This range is provided by OCT Consulting LLC. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$/yr - $/yr

OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.

OCT is currently looking for an IT Security Compliance Specialist
. This is a hybrid position requiring at least 3 days per week onsite in Suitland, MD.

The ideal candidate will be proficient in key areas of security such as:

• Vulnerability Management, Intrusion Prevention and Detection
• Access Control and Authorization, Policy Enforcement, Application Security
• Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention (DLP)
• Encryption, Two-Factor Authentication, Web filtering, and Advanced Threat Protection.

• Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures, and standards in order to validate the maintenance of secure configurations.
• Map requirements and regulatory requirements across the Risk Management Framework (RMF) information security framework to identify overlapping requirements and compliance efficiencies.
• Track enterprise compliance across multiple security frameworks including Service Organization Control Type 2 (SOC
  2), National Institute of Standards and Technology (NIST), and Federal Information Security Management Act (FISMA) and maintain up-to-date records of requirements and corresponding mitigating controls.
• Monitor third‑party risk assessments and assist in performing internal risk assessments.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Monitor change management process to ensure compliance.
• Develop key performance metrics to track and ensure compliance with established policies and standards.
• Support the development of security processes and procedures and support service‑level agreements to ensure that security controls are managed and maintained.
• Participate in the development of security and privacy awareness training in conjunction with other members of the Security Compliance group.

• 7+ years experience with Authorization & Accreditation (A&A) support.
• Proficient in all steps in the NIST RMF framework.
• Knowledgeable in NIST special publications such as 800‑53 & 800‑53A.
• Bachelor's degree or equivalent experience.
• Must have at least one of the following certifications: CAP, GIAC, GSLC, CISM, CRISC, CISSP, or CASP.
• Must be a U.S. Citizen.
• Must be able to obtain and maintain a Public Trust Clearance (the investigation will involve a credit, fingerprint, and law enforcement agency check).

• Medical, Dental, and Vision insurance.
• Retirement savings 401K plan with 3% employer contributions.
• Paid Time Off.
• Life Insurance, Short‑ and Long‑Term Disability benefits.
• Training Benefits.

Salary: $100,000–$120,000, commensurate with experience, education, etc.

OCT Consulting LLC is a minority‑owned, Small Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations along with a management team with a track record of leading successful engagements at major Federal government agencies.

At OCT, we are committed to ensuring equal opportunity for all individuals, recognizing that merit and qualifications are the foundation of our hiring, promotion, and development practices. We believe in creating a work environment where employees can thrive based on their abilities, skills, and achievements. Our practices ensure fair treatment and equal access to opportunities for all, regardless of race, ethnicity, gender, sexual orientation, age, abilities, or other personal characteristics.

We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone's contributions are valued and recognized.