Security Specialist
Falls Church, VA 
Posted 10 days ago
Job Description
Job Locations: US-Remote
Job ID: 2023-2959
Category: ServiceNow
Type: Full Time

We have an opportunity for a Security Specialist to join our talented Professional Services team. The Contractor shall support the creation and modification of all necessary cybersecurity documents, procedures, and steps that must be completed leading to the Authorization to Operate (ATO) for the Commercial-Off-the-Shelf (COTS) products, and shall support Information Assurance and Information System Continuous Monitoring (ISCM). This is a fully remote job.

Responsibilities

  • Actively coordinate with the infrastructure teams to plan, develop, implement and test security controls that meet Federal regulations, program objectives, operational needs and user experience, particularly data collection components. Support the integration of security across the lifecycle.
  • Support development and maintenance of security documentation such as the System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, POA&M, annual FISMA assessment, and incident reports.
  • Analyze and define security requirements for information protection.
  • Analyze change requests for security risk, monitor and track security-related defects and resolutions, and make recommendations.
  • Assist in establishing a continuous monitoring strategy to proactively survey, monitor, and track security-related defects and the status of their resolutions.
  • Develop ATO artifacts that support independent assessment activities. Consolidate ATO artifacts for input. Present status of RMF efforts to DHA as required.
  • Coordinate with the U.S. Government IT Security organizations to define requirements for ensuring security compliance and ATO achievement for COTS products implemented.
  • Assist in ensuring the proper implementation and management of cybersecurity controls.
  • Support the intake of the system into the client's Risk Management Framework (RMF) and the subsequent execution of the required RMF lifecycle steps pertaining to this system, including the creation/modification of all necessary artifacts and assurance evidence; assist in security document creation (e.g., SIP); and support SCA testing.
  • Assist with compliance with the:
      • Federal Information Security Management Act (44 U.S.C. 3544) as amended
      • Library of Federal Information Processing Standards (FIPS)
      • National Institute of Standards and Technology (NIST) 800 series of Special Publications, applicable NIST Interagency Reports (NISTIRs)
      • Applicable Office of Management and Budget and Department of Homeland Security issuances
      • Client's policies, standards, processes, and Cybersecurity framework
  • Develop and maintain all cybersecurity artifacts and procedures
  • Provide written responses and implementation notes for NIST 800-53 (Rev. 4) security controls for FedRAMP cloud-based implementations
  • Report on any security-related incidents at the ServiceNow FedRAMP or Agency platform level
Qualifications

Required

  • BS degree in Computer Science or related field
  • 5 years of experience in Cybersecurity and Information Technology
  • Demonstrated efficiency and experience in RMF package development, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, system/site policies, procedures, and processes, architecture diagrams, and hardware/software inventories
  • Experience in assessing systems using NIST 800-53 and/or DISA STIGs and SRGs
  • DoD 8570-compliant (CompTIA Security+ certified)
  • Ability to leverage experience and lessons learned implementing enhanced security for COTS and cloud systems
  • Demonstrated experience with Enterprise PaaS and SaaS Platform Security
  • Demonstrated experience performing hands-on patching of systems and configuration of network devices.
  • Demonstrated understanding of and experience with applying FISMA and NIST Cybersecurity framework and requirements
  • Demonstrated technical expertise of operational and security controls implementation
  • Experienced in developing information security policies and procedures
  • Experienced in assisting government agencies with documentation and process for obtaining an Authority to Operate (ATO)
  • Developed problem-solving and analytical abilities
  • Strong customer service and interpersonal skills
  • Excellent presentation & communication skills in both oral and written form
  • Genuine desire to learn is essential
  • Experience working in the Federal Government


About Us

Perks of working at NetImpact Strategies

  • Your health comes first - we offer comprehensive medical, dental, & vision insurance that starts the first of the month after you join the team
  • Invest in your future - 401(k) Plan - Immediately vested employer contributions; no matching required
  • Work hard, play hard - we offer a generous Paid Time Off (PTO) policy and observe ALL ten (10) federal holidays
  • Pawsitively pawesome - Pet Insurance (because our little critters are part of our families, too!)
  • Invest in your education - Tuition reimbursement, internal training programs, & company-sponsored industry certifications
  • Be part of a dynamic and collaborative work environment recently ranked by The Washington Post as a Top Work Place in 2019 & 2020!
  • Have fun and celebrate and give back - Team building activities, community volunteering, quarterly HQ days, & an offsite annual awards banquet

ABOUT US

NetImpact Strategies Inc. (NetImpact) has been a Trusted Advisor driving impact through digital transformation for the Federal Government for over a decade. We solve complex problems with innovation and agility to create meaningful, transformative, and enduring change. As Trusted Advisors, NetImpact professionals partner with customer agencies to deliver solutions that empower them to not only meet their missions but also realize their strategic vision through agile, outcome-focused solutions addressing both strategic and tactical requirements. We design and implement comprehensive, tailored solutions that are both mindful of the client's culture and organizational dynamics. NetImpact's core values and commitment to a customer and results-oriented delivery approach has propelled our growth and enabled us to deliver impactful value across Strategic Consulting, Process Automation, Cloud, DevSecOps, Data and Analytics, and Cyber Security for the Federal Government.

ACCESSIBILITY NOTE

NetImpact Strategies is committed to complying with all applicable provisions of the Americans with Disabilities Act, as amended ("ADA"), and applicable state and local laws. It is NetImpact's policy not to discriminate against any qualified person or applicant with regard to any terms or conditions of employment on the basis of such individual's disability. Consistent with this policy of non-discrimination, NetImpact will provide reasonable accommodations to an individual with a disability, as defined in the ADA or applicable law, who has made NetImpact aware of his/her disability, unless doing so would cause undue hardship to NetImpact. If you are an applicant and need reasonable accommodation when applying for job opportunities within NetImpact, or request reasonable accommodation to utilize NetImpact's online employment application, please contact careers@netimpactstrategies.com.

EQUAL OPPORTUNITY EMPLOYER

NetImpact is committed to the development of a creative, diverse, and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at NetImpact will be based on merit, qualifications, and abilities. NetImpact does not discriminate against any person because of race, color, creed, religion, sex (including gender identity, sexual orientation, and pregnancy), marital status, national origin, disability, age, veteran status, genetic information or any other characteristic protected by federal, state, and local laws (referred to as "protected status").


NetImpact Strategies, Inc. is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status or any other basis prohibited by applicable law. Recruitment, training and development, transferring and promotion practices are performed without regard to the above listed items.

 

Job Summary
Start Date: As soon as possible
Employment Term and Type: Regular, Full Time
Required Education: Bachelor's Degree
Required Experience: 5+ years