Senior Information Security Specialist
- Washington DC
- Permanent
- Full-time
- Administer and maintain intrusion detection/prevention systems (IDS/IPS), SIEM platforms, and firewalls for both on-premises and cloud environments, including authoring custom detection content.
- Monitor real-time network activity, analyze logs and metadata, and investigate anomalies to confirm and respond to intrusion attempts across hybrid infrastructures.
- Perform full-scope digital forensics and incident response (DFIR), covering all phases from scoping and containment to recovery and lessons learned.
- Design and maintain secure network architectures and data loss prevention (DLP) solutions to safeguard sensitive data in cloud and on-premises systems.
- Execute comprehensive security assessments, including penetration testing, ethical hacking, and static/dynamic code analysis, to uncover and address vulnerabilities.
- Demonstrate deep technical understanding of network protocols, system hardening, encryption, identity and access management (IAM), and application security.
- Conduct risk assessments, security gap analyses, and develop actionable mitigation strategies in alignment with NIST, OMB M-22-09, and other federal cybersecurity standards.
- Deploy and support identity, credential, and access management (ICAM) solutions, including multifactor authentication and identity governance frameworks for federal environments.
- Lead compliance efforts, including control assessments under NIST 800-53, POA&M management, and executive reporting on security posture and residual risk.
- Collaborate with stakeholders to build consensus on vulnerability management, prioritize remediation, and ensure alignment with agile development and zero trust initiatives.
- US Citizenship
- Administering and maintaining intrusion detection, prevention, and analysis platforms, including SIEMs, host-based systems, and firewalls, while authoring and implementing custom detection logic.
- Monitoring real-time network activity and analyzing raw data, metadata, and logs to identify, investigate, and respond to anomalies and cybersecurity incidents across on-premises and cloud environments.
- Implementing and maintaining data loss prevention (DLP) capabilities to safeguard sensitive information in both local and cloud-based systems.
- Designing, supporting, and managing security infrastructure, including upgrading toolsets, applying patches, and configuring settings to align with organizational security goals and zero trust architecture.
- Conducting comprehensive security testing, including ethical hacking, static/dynamic code reviews, and system architecture assessments, to evaluate controls and identify vulnerabilities.
- Analyzing security data to identify risks, assessing system vulnerabilities, and developing mitigation strategies aligned with federal standards and best practices.
- Leading and supporting vulnerability management efforts, including executing scans, evaluating risk, tracking compliance with BOD 22-01, and generating reports to guide remediation efforts.
- Collaborating with stakeholders to conduct gap analyses, prioritize vulnerabilities, and develop actionable remediation plans for enterprise systems and networks.
- Deploying and managing enterprise-wide Identity, Credential, and Access Management (ICAM) solutions, supporting MFA, privileged access management, and identity lifecycle governance in compliance with OMB and NIST guidance.
- Developing technical and executive-level documentation, reports, and presentations to communicate findings, readiness status, and recommendations for improving cybersecurity posture.
- A Bachelor’s degree from an accredited college or university
- Certified Incident Handler (GCIH)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Certified Forensic Analyst (GCFA)
- Information Systems Security Engineering (ISSE)
- Certified Cloud Security Engineer (CCSE)
- Offensive Security Certified Professional (OSCP)
- GIAC Penetration Tester (GPEN)
- Certified Information Systems Security Professional (CISSP)
- GIAC Enterprise Vulnerability Assessor (GEVA)
- Certified Analytics Professional (CAP)