By Light HQ

Information System Security Specialist

Job Locations US-MD-Fort Meade
Posted Date 1 week ago(2/18/2021 8:56 AM)
# of Openings


By Light Professional IT Services is seeking a Information System Security Specialist to join our Joint Regional Security Stacks (JRSS) program team in Hanover, MD.  This is an exciting key position to a major Department of Defense initiative.  The candidate will will guide and advise on all matters involving the Risk Management Framework (RMF), Assessment and Authorizations (A&A) and day-to-day security of JRSS. Analyst will work closely with government and IA Team to support Authorization to Operate accreditation conditions and requirements.


  • Conduct network security reviews that include validation of DISA's Security Technical Implementation Guide (STIG), network security policy, requirements and design.
  • Managing and documenting A&A projects using Enterprise Mission Assurance Support Service (eMASS) A&A workflow platform.
  • Advise, conduct and document risk assessments, development of System Security Plans (SSP), Plans of Action and Milestones (POA&M) and security policies and procedures
  • Provide guidance in the implementation of security controls, doctrine and policies.
  • Implement information assurance (IA) and security standards and procedures to identify, report and resolve security violations.
  • Establish and satisfy IA and security requirements based upon user, policy, regulatory, and resource demands.
  • Integrate and implement computer system security solutions.  Analyze general IA related technical problems and support in solving these problems.
  • Monitor the JRSS Stack for IAVA compliance and assess impact on DOD computer networks.
  • Manage Assured Compliance Assessment Solution (ACAS) to enable automated network vulnerability scanning, configuration assessment, application vulnerability scanning, device configuration assessment, and network discovery
  • Manage McAfee ePolicy Orchestrator (HBSS) to prevent, detect, track, report, and remediate malicious computer-related activities and incidents

Required Experience/Qualifications

  • BS degree in Computer Science, or other comparable technical degree from an accredited college/university and 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience.
  • Must possess excellent writing and communication skills; have the ability to develop documentation and management level presentations.
  • Candidate is expected to have technical knowledge and skills in one of the following areas: System Administration, network engineering, applications, and security operations.
  • Demonstrate potential and willingness to learn and adapt to rapid changes in technology.

Preferred Experience/Qualifications

  • Security+, CISSP certificates or other security certificates that meet DOD 8570 IAT Level II.
  • Experience in performing risk assessment, IT audits, security planning, systems accreditation and policy development.
  • Experience complying with DoD regulations and preparing for responding to information security audits and questionnaires.
  • Understanding of related information technology (e.g. firewalls, VPN, virtualization, DLP, etc) and physical security assets.
  • Understanding of basic networking, routing and transport security technologies and architectures
  • Knowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
  • Experience with UNIX/LINUX OS and any scripting language.
  • Experience working with IDS/IPS and processes.

Special Requirements/Security Clearance

  • Secret clearance required


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed