Systems Security Lead in Washington, DC

The fundamental distinction of the OST team is its business knowledge in both the public and private sectors. We serve the aerospace & transportation, association & nonprofit, defense, education, energy, financial, healthcare, and technology & telecommunications industries. OST is successful because we listen to our clients, we learn from our clients, and we know our clients.

Job Duties:

• Design, develop, test, audit, and document security controls
• Develop security procedures and supporting documentation (e.g., Security Assessment Report)
• Perform security continuous monitoring activities.
• Conduct systems security assessments and Security Impact Analysis (SIA) and make recommendations for remediation's
• Update security control implementation statements, system and/or application inventory, system and technical descriptions as appropriate in Cyber Security Assessment Management (CSAM)
• Perform POA&M remediation request activities in CSAM (e.g., draft approval, POA&M cancellation and closures)
• Review, monitor, and report POA&M status to stakeholders
• Develop, update and upload system security documentation, policies and procedures to CSAM
• Engage in designing, testing, and deploying technical changes to the environment with a focus on security
• Daily review and analysis of server logs to report and/ or fix unusual or suspected activities
• Perform initial validation to determine whether to create and submit tickets for log events; maintain report to track submitted tickets until resolved
• Perform annual-self assessment and decommissioning activities
• Perform vulnerability scanning for annual self-assessment
• Review, analyze, and remediate monthly vulnerability scan findings
• Effectively communicate in writing and verbally with team and customer
• Prepare monthly status reports and facilitate monthly status meetings
• Manage team members

Position Requirements:

• Minimum of 5 years performing security compliance, auditing and/or assessments
• Experience with various operating systems (e.g., Windows, Linux), application software, databases, web applications, networks and network devices
• In-depth knowledge of government policies and industry standards related to developing, auditing and IT compliance (e.g., FISMA, NIST SPs, FedRamp, etc.)
• Bachelor's degree in related fields
• Minimum 2 years' experience as a Team Lead or Supervisor
• Ability to allocate tasks to staff, report to management, and discuss and resolve problems.
• Security+ CE and/or CISSP Certification(s), Certified Authorizing Professional (CAP) or other IT and security-related certifications
• Security Assessment and Authorization (SA&A) experience as it relates to cybersecurity, information assurance, or Information Technology (IT)
• Good organization skills related to planning and organizing
• Excellent analytical and problem-solving skills
• Ability to effectively communicate in writing and verbally with team and customer
• Ability to receive a 6C high public trust clearance
• US Citizen

Nice to Have:

• Working knowledge of SharePoint
• Experience with scanning tools (e.g., Nessus, Ap