Harmonia Holdings Group, LLC, an award-winning federal government contractor, has an exciting opportunity for a Information Security Specialist to join our team.
Essential Job Functions:
Responsibilities include analysis, design, development, testing, data staging, and implementation activities.
Responsible for delivering a high-quality application with a strong emphasis on secured transport of information.
Minimum Required Qualifications:
U.S. citizen or legal permanent resident (must have been a permanent resident for a minimum of 3 years).
Bachelor's degree and at least 5 years of experience working in Information Technology in the Information Security/Assurance field.
Ability to obtain and maintain a Public Trust clearance
Prior experience working on US Federal Government projects.
One of more of the following certifications: GIAC Security Essentials (GSEC), GIAC Systems and Network Auditor (GSNA), GIAC Critical Controls Certification (GCCC), Open FAIR™ Risk Management Certification; and ISC2 Certified Information Systems Security Professional (CISSP). CISSP is preferred.
This position is a hybrid role. Qualified candidates must be local to the DMV area to be able to commute into the office a couple days a week (either Mclean VA or client site).
Knowledge, Skills, and Abilities:
Strong customer service, client-facing skills
Excellent oral and written communication skills
Demonstrated experience developing, updating, maintaining and controlling the following artifacts in accordance with the USDA IT Security Policies and NIST Special Publications and FIPS standards:
System Security Plans (SSPs).
Risk Assessments (RAs)
Information Security Continuous Monitoring (ISCM) Plans
Plan of Action & Milestones (POA&M) Closure Memos
Security Control Assessments (SCAs), including the Assessment Plan and Assessment Report
Information System Architecture Documents and other system diagrams
Configuration Management Plan
Contingency Plan
Continuity of Operations (COOP) Plan
Business Continuity Plan
Disaster Recovery Plan
Business Impact Assessment
Incident Response Plan
Security Impact Analysis (SIA)
Standard Operating Procedures (SOPs)
Any other artifacts necessary to prove the validity of system security controls and document the overall security and integrity of the information system.
Experience with developing initial Authority to Operate (ATO) packages and ATO re-authorizations and updates.
Understanding and/or experience with the use and application of the Risk Management Framework (RMF) from NIST Special Publication (SP) 800-37 and the Security and Privacy Controls for Federal Information Systems and Organizations SP 800-53. This includes conducting the activities of security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring.
Capable of understanding basic systems operations to apply understanding to security.
Preferred Skills:
Knowledge of Cyber Security Asset Management (CSAM) System.
Be able to assist in systems testing.
Here at Harmonia, we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:
Recognized as a Top 20 "Best Place to Work in Virginia"
Recipient of Department of Labor's HireVets Gold Medallion
Great Place to Work Certification for five years running
A Virginia Chamber of Commerce Fantastic 50 company
A Northern Virginia Technology Council Tech 100 company
Inc. 5000 list of fastest growing companies for eleven years