Systems Security Lead in Washington, DC

View All Technical Services jobs

Industry:

Technical Services   •  

5 - 7 years

Posted 8 weeks ago

The fundamental distinction of the OST team is its business knowledge in both the public and private sectors. We serve the aerospace & transportation, association & nonprofit, defense, education, energy, financial, healthcare, and technology & telecommunications industries. OST is successful because we listen to our clients, we learn from our clients, and we know our clients.

Job Duties:

  • Design, develop, test, audit, and document security controls
  • Develop security procedures and supporting documentation (e.g., Security Assessment Report)
  • Perform security continuous monitoring activities.
  • Conduct systems security assessments and Security Impact Analysis (SIA) and make recommendations for remediation's
  • Update security control implementation statements, system and/or application inventory, system and technical descriptions as appropriate in Cyber Security Assessment Management (CSAM)
  • Perform POA&M remediation request activities in CSAM (e.g., draft approval, POA&M cancellation and closures)
  • Review, monitor, and report POA&M status to stakeholders
  • Develop, update and upload system security documentation, policies and procedures to CSAM
  • Engage in designing, testing, and deploying technical changes to the environment with a focus on security
  • Daily review and analysis of server logs to report and/ or fix unusual or suspected activities
  • Perform initial validation to determine whether to create and submit tickets for log events; maintain report to track submitted tickets until resolved
  • Perform annual-self assessment and decommissioning activities
  • Perform vulnerability scanning for annual self-assessment
  • Review, analyze, and remediate monthly vulnerability scan findings
  • Effectively communicate in writing and verbally with team and customer
  • Prepare monthly status reports and facilitate monthly status meetings
  • Manage team members

Position Requirements:

  • Minimum of 5 years performing security compliance, auditing and/or assessments
  • Experience with various operating systems (e.g., Windows, Linux), application software, databases, web applications, networks and network devices
  • In-depth knowledge of government policies and industry standards related to developing, auditing and IT compliance (e.g., FISMA, NIST SPs, FedRamp, etc.)
  • Bachelor's degree in related fields
  • Minimum 2 years' experience as a Team Lead or Supervisor
  • Ability to allocate tasks to staff, report to management, and discuss and resolve problems.
  • Security+ CE and/or CISSP Certification(s), Certified Authorizing Professional (CAP) or other IT and security-related certifications
  • Security Assessment and Authorization (SA&A) experience as it relates to cybersecurity, information assurance, or Information Technology (IT)
  • Good organization skills related to planning and organizing
  • Excellent analytical and problem-solving skills
  • Ability to effectively communicate in writing and verbally with team and customer
  • Ability to receive a 6C high public trust clearance
  • US Citizen

Nice to Have:

  • Working knowledge of SharePoint
  • Experience with scanning tools (e.g., Nessus, Ap