ECS is seeking a Information Assurance/Security Specialist - Level II to work in our Falls Church, VAoffice. Please Note: This position is contingent upon [contract award]. We are currently seeking a skilled and experienced Cybersecurity Specialist - Level II to join our team in the National Capital Region. As a Cybersecurity Specialist, you will be responsible for implementing and enforcing security policies, developing and monitoring security controls, conducting compliance audits, and supporting incident response activities. If you have a strong background in information security, expertise in policy implementation, and a commitment to safeguarding information systems, we encourage you to apply for this position. Responsibilities:
- Implement and enforce security policies and procedures to ensure compliance with applicable laws, regulations, and standards.
- Develop, implement, and monitor security controls to protect information systems from threats and vulnerabilities.
- Conduct regular audits and assessments to ensure compliance with security policies and regulatory requirements.
- Identify, assess, and mitigate security risks to safeguard information systems and data.
- Create and maintain security documentation, including security plans, policies, procedures, and guidelines.
- Develop and conduct security training and awareness programs to educate users on security best practices and compliance requirements.
- Support the development and execution of incident response plans to address security breaches and incidents effectively.
- Provide recommendations for security improvements based on audit findings, threat assessments, and compliance requirements.
- Prepare for security inspections and assessments by gathering necessary documentation, evidence, and reports.
- Provide support during readiness inspections, including responding to inquiries and demonstrating compliance with security policies.
- Identify deficiencies and gaps in security practices during inspections and develop corrective action plans to address them.
- Generate and submit detailed reports on inspection findings, corrective actions, and compliance status to relevant stakeholders.
- Conduct follow-up activities to ensure identified deficiencies are addressed and resolved in a timely manner.
- Implement lessons learned from inspections to improve security practices and readiness for future assessments.
- Monitor information systems for potential security threats, vulnerabilities, and incidents using various security tools and technologies.
- Analyze threat intelligence data to identify trends, patterns, and emerging threats that could impact the organization's security posture.
- Coordinate and respond to security incidents, including investigation, containment, remediation, and recovery activities.
- Generate and manage security alerts and notifications to inform relevant stakeholders about potential threats and incidents.
- Perform regular vulnerability assessments and scans to identify and mitigate security weaknesses in information systems.
- Manage and analyze security logs and event data to detect and respond to suspicious activities and anomalies.
- Produce and distribute regular reports on threat activities, incident response actions, and security posture to management and stakeholders.
- IAT Level III - CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP; IAM Level III - CISM, CISSP (or Associate), GSLC, or CCISO
- CE: Associate level (professional preferred) certificate for supported technology.
- Four (4) years of progressive experience demonstrating the required proficiency.
- Bachelor's degree and/or equivalency.
- Support Monday - Friday work week with occasional weekend and after-hours support.
- Must be able to lift up to 35lbs regularly
- Must be able to move about on foot to accomplish tasks, particularly for long distances or moving throughout facilities/site to site.