NetImpact Strategies
Senior IA Security Specialist
NetImpact Strategies, Falls Church, VA
Job Description
We are seeking an experienced Senior IA/Security Specialist to join our team in the DC, VA, MD area. This senior-level role involves leading and executing advanced cybersecurity assessments, driving strategic security initiatives, managing Certification and Accreditation (C&A) processes, and ensuring compliance with NIST, RMF, and other relevant standards. The ideal candidate will have a deep understanding of administering MAC3 and MAC2 environments, conducting complex security reviews, managing high-level security documentation, investigating critical security incidents, and overseeing two-factor identification protocols.
Responsibilities
Qualifications
Required
Preferred
#LI-Onsite
About Us
Perks of working at NetImpact Strategies
ABOUT US
NetImpact Strategies Inc. (NetImpact) has been a Trusted Advisor driving impact through digital transformation for the Federal Government for over a decade. We solve complex problems with innovation and agility to create meaningful, transformative, and enduring change. As Trusted Advisors, NetImpact professionals partner with customer agencies to deliver solutions that empower them to not only meet their missions but also realize their strategic vision through agile, outcome-focused solutions addressing both strategic and tactical requirements. We design and implement comprehensive, tailored solutions that are both mindful of the client's culture and organizational dynamics. NetImpact's core values and commitment to a customer and results-oriented delivery approach has propelled our growth and enabled us to deliver impactful value across Strategic Consulting, Process Automation, Cloud, DevSecOps, Data and Analytics, and Cyber Security for the Federal Government.
ACCESSIBILITY NOTE
NetImpact Strategies is committed to complying with all applicable provisions of the Americans with Disabilities Act, as amended ("ADA"), and applicable state and local laws. It is NetImpact's policy not to discriminate against any qualified person or applicant with regard to any terms or conditions of employment on the basis of such individual's disability. Consistent with this policy of non-discrimination, NetImpact will provide reasonable accommodations to an individual with a disability, as defined in the ADA or applicable law, who has made NetImpact aware of his/her disability, unless doing so would cause undue hardship to NetImpact. If you are an applicant and need reasonable accommodation when applying for job opportunities within NetImpact, or request reasonable accommodation to utilize NetImpact's online employment application, please contact [redacted].
EQUAL OPPORTUNITY EMPLOYER
NetImpact is committed to the development of a creative, diverse, and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at NetImpact will be based on merit, qualifications, and abilities. NetImpact does not discriminate against any person because of race, color, creed, religion, sex (including gender identity, sexual orientation, and pregnancy), marital status, national origin, disability, age, veteran status, genetic information or any other characteristic protected by federal, state, and local laws (referred to as "protected status").
We are seeking an experienced Senior IA/Security Specialist to join our team in the DC, VA, MD area. This senior-level role involves leading and executing advanced cybersecurity assessments, driving strategic security initiatives, managing Certification and Accreditation (C&A) processes, and ensuring compliance with NIST, RMF, and other relevant standards. The ideal candidate will have a deep understanding of administering MAC3 and MAC2 environments, conducting complex security reviews, managing high-level security documentation, investigating critical security incidents, and overseeing two-factor identification protocols.
Responsibilities
- Lead advanced cybersecurity assessments using the NIST SP 800-171 DoD Assessment Scoring Template and other frameworks.
- Guide teams in entering and analyzing assessment results in the Supplier Performance Risk System (SPRS) and other reporting systems.
- Strategically analyze and enhance system security practices to ensure robust protection of enterprise information systems.
- Provide expert guidance to system owners and ISSOs in designing, developing, and authoring C&A documentation packages, including System Security Plans (SSP) and Security Assessment Reports (SAR).
- Drive Authorization to Operate (ATO) processes, including stakeholder management and strategic planning for obtaining and maintaining ATOs.
- Oversee the maintenance of Plans of Action and Milestones (POA&M), ensuring timely remediation of identified security risks.
- Ensure compliance with National Institute of Standards and Technology (NIST) and Risk Management Framework (RMF) standards through policy development, strategic planning, and hands-on leadership.
- Administer and manage Government Mission Assurance Category (MAC) Three (MAC3) and MAC Two (MAC2) environments, ensuring security protocols are adhered to at all levels.
- Oversee access control, malicious code protection, vulnerability management, patch management, and audit logging across enterprise systems.
- Lead IA security compliance reviews through ad-hoc, annual, and quarterly assessments, providing recommendations for continuous improvement.
- Serve as a senior advisor on security information requests, ensuring alignment with organizational and regulatory requirements.
- Conduct and oversee comprehensive security reviews for all new or modified systems, devices, and configurations to ensure a consistent and robust security posture.
- Manage high-level security-related documentation, including System Security Authorization Agreements (SSAA), risk mitigation strategies, waivers, and approvals.
- Lead detailed investigations and provide expert documentation of security incidents, coordinating with relevant stakeholders to mitigate risks.
- Maintain and enhance Common Access Card (CAC) login, Public Key Infrastructure (PKI), or other Government-authorized two-factor identification protocols.
- Manage application approval processes, user rights forms, and other security-related databases.
- Provide senior-level expertise in the use of Government scanning tools such as Retina, AppDetective, and ACAS.
- Lead forensic analysis and coordinate responses to Intrusion Prevention Systems (IPS) alerts.
Qualifications
Required
- Bachelor's degree and/or equivalency.
- One or more of the following (IAT III)
- CASP+ CE
- CCNP Security
- CISA
- CISSP (or Associate)
- GCED
- GCIH
- CCSP
- One or more of the following (IAM III)
- CISM
- CISSP (or Associate)
- GSLC
- CCISO
- CE: Associate level (professional preferred) certificate for supported technology.
- Four (6) years of progressive experience demonstrating the required proficiency.
- Secret Clearance.
Preferred
- Federal Consulting Industry Experience Preferred
#LI-Onsite
About Us
Perks of working at NetImpact Strategies
- Your health comes first - we offer comprehensive medical, dental, & vision insurance that starts the first of the month after you join the team
- Invest in your future - 401(k) Plan - Immediately vested employer contributions; no matching required
- Work hard, play hard - we offer a generous Paid Time Off (PTO) policy and observe ALL ten (10) federal holidays
- Pawsitively pawesome - Pet Insurance (because our little critters are part of our families, too!)
- Invest in your education - Tuition reimbursement, internal training programs, & company-sponsored industry certifications
- Be part of a dynamic and collaborative work environment recently ranked by The Washington Post as a Top Work Place in 2019, 2021,2022, & 2023!
- Have fun and celebrate and give back - Team building activities, community volunteering, quarterly HQ days, & an offsite annual awards banquet
ABOUT US
NetImpact Strategies Inc. (NetImpact) has been a Trusted Advisor driving impact through digital transformation for the Federal Government for over a decade. We solve complex problems with innovation and agility to create meaningful, transformative, and enduring change. As Trusted Advisors, NetImpact professionals partner with customer agencies to deliver solutions that empower them to not only meet their missions but also realize their strategic vision through agile, outcome-focused solutions addressing both strategic and tactical requirements. We design and implement comprehensive, tailored solutions that are both mindful of the client's culture and organizational dynamics. NetImpact's core values and commitment to a customer and results-oriented delivery approach has propelled our growth and enabled us to deliver impactful value across Strategic Consulting, Process Automation, Cloud, DevSecOps, Data and Analytics, and Cyber Security for the Federal Government.
ACCESSIBILITY NOTE
NetImpact Strategies is committed to complying with all applicable provisions of the Americans with Disabilities Act, as amended ("ADA"), and applicable state and local laws. It is NetImpact's policy not to discriminate against any qualified person or applicant with regard to any terms or conditions of employment on the basis of such individual's disability. Consistent with this policy of non-discrimination, NetImpact will provide reasonable accommodations to an individual with a disability, as defined in the ADA or applicable law, who has made NetImpact aware of his/her disability, unless doing so would cause undue hardship to NetImpact. If you are an applicant and need reasonable accommodation when applying for job opportunities within NetImpact, or request reasonable accommodation to utilize NetImpact's online employment application, please contact [redacted].
EQUAL OPPORTUNITY EMPLOYER
NetImpact is committed to the development of a creative, diverse, and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at NetImpact will be based on merit, qualifications, and abilities. NetImpact does not discriminate against any person because of race, color, creed, religion, sex (including gender identity, sexual orientation, and pregnancy), marital status, national origin, disability, age, veteran status, genetic information or any other characteristic protected by federal, state, and local laws (referred to as "protected status").