Security Specialist, Risk Management Framework at Pop-Up Talent in Springfield, Virginia

Job Description:

• Full Time
• SS-RMF

• We are a full-spectrum security and intelligence company established by a group of like-minded Veterans. We are passionate about supporting our client's missions and ensuring they are prepared to address the modern threat environment. We provide services to a range of clients within the US Intelligence Community, Department of Defense, Cleared Defense Contracting, Defense Industrial Base, and the Private Sector. We are comprised of 90% Veteran staff and pride ourselves on maintaining a close-knit and collaborative work environment. We prioritize the wellbeing of our personnel and are dedicated to helping you achieve your personal goals. We offer a competitive benefits package, including a 401K with corporate match, paid health, vision, dental, and other insurance options. We also offer a variety of incentives and opportunities to support the development and growth of our personnel

• Clearance: Must currently possess an active TS/SCI security clearance and be able to obtain a CI polygraph after hire (if not before)
• Location: Springfield, VA
• Salary Range: $115,000 - $170,000
• Experience: Must have at least 7+ years of experience implementing Risk management Framework best practices
• Description: Support implementing Risk Management Framework best practices to customer's mission-critical systems

• Prepare Assessment & Authorization (A&A) security documentation for background investigation support systems, including CONOPS, Security Test Plan (STP), hardware/software list, network/data flow diagrams, standard operating procedures, policies, Privacy Threshold Analysis (PTA), Memorandum of Understanding (MOU), Interconnection Service Agreement (ISA), Contingency Plan, and topological drawings
• Ensure data sensitivity through coordination and use of multiple security countermeasures to protect the integrity of the information assets in the enterprise
• Document, manage, and control the integrity of changes to all systems security documentation, including standard operating procedures and user guides that provide instructions for implementing IT systems security policies
• Assist in selecting minimum-security controls to establish a baseline of measures to prevent security breaches, and document selected controls in the security plan and Risk Assessment Report (RAR)
• Document security control implementation in the security plan, providing a functional description of control implementation
• Conduct security testing to verify correct implementation and operation of security controls
• Conduct remedial actions on security controls based on findings from the Security Assessment Report and reassess remediated controls
• Review vulnerability scans and ensure accountable parties have responded appropriately to vulnerability findings
• Monitor and analyze systems logs daily to identify trends and assess security effectiveness
• Ensure investigation operations follow accreditation standards using Intelligence Community Directive (ICD) 503 and RMF, categorizing methods of High Confidentiality, High Integrity, and Moderate Availability
• Conduct bi-weekly vulnerability scans and quarterly Security Technical Implementation Guide (STIG) System scans and provide scan results as part of monthly reports

• Must currently possess an active TS/SCI security clearance and be able to obtain a CI polygraph after hire (if not already held)
• Must be self-motivated, disciplined, and mature, capable of operating with little tasking and oversight
• Bachelor's Degree or equivalent experience in a related field
• CompTIA Security+ or CISSP Certifications
• 7+ years' experience

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible schedule
• Health insurance
• Health Savings Account (HSA)
• Life insurance
• Paid time off
• Parental leave
• Professional development assistance
• Referral program
• Retirement plan
• Vision insurance