Cherokee Nation Businesses

Information Systems Specialist Mid II

Cherokee Nation Businesses, Trenton, New Jersey, US, 08628


Job Description

Information Systems Specialist - Mid

This position requires an active Public Trust clearance.

As an Information Systems Specialist - Mid supporting the Department of Transportation, you will be responsible for maintaining, troubleshooting, and enhancing the agency's information systems. This role includes ensuring system security, optimizing performance, and providing user support. You will collaborate with cross-functional teams to implement IT solutions that improve operational efficiency and support the DoT's mission.

Compensation & Benefits:

Estimated Starting Salary Range for Information Systems Specialist - Mid: $105,000 to $135,000.

Pay commensurate with experience.

Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice.

Information Systems Specialist - Mid Responsibilities Include:

- Provide support to the continuous monitoring process, assessing and evaluating Information System (hardware and software) inventory to detect vulnerabilities, identifying critical and high weaknesses via insecure application development techniques, inherited controls from the Common Control Provider, including FedRAMP cloud service providers (CSPs), and networked enclaves, and provide remediation or corrective actions to improve the security posture.
- Provide support in tracking and ongoing evaluation of weaknesses and vulnerabilities in DOT's Continuous Diagnostic and Mitigation (CDM), other identified security tool suites or other detection reports, and issued corrective action plans, remediating and addressing issues affecting the security posture of applications and information system infrastructure.
- Provide cybersecurity expertise to support cybersecurity in the System's Development Life Cycle (SDLC) process, including supporting processing for requirements review in development phases (Agile, Spiral, DevSecOps or Waterfall model), annual Security Assessment and Authorization (SA&A), and Information System Continuous Monitoring (ISCM).
- Develop/update information system data for Privacy Impact Assessments (PIAs), Privacy Threshold Analyses (PTAs), and System of Record Notices (SORNs). This includes interfacing/coordinating with the System Owner (SO) that originates/has responsibility for the document to ensure the PIA/PTA/SORN contains appropriate information to be approved/adjudicated by the DOT Privacy Office for inclusion in the System Authorization package.
- Assist the System Owner, Information Owner, Component Privacy Officer and Information System Security Manager (ISSM) in recording all known security weaknesses of assigned information systems in the Plans of Action and Milestones (POA&Ms) in accordance with DOT policy, guides and procedures.
- Develop draft Plans of Action and Milestones (POA&Ms) for observed control-level deficiencies or gaps in control implementation(s) in accordance with DOT policy, guides and procedures.
- Conduct quality assurance reviews of existing POA&Ms to ensure completeness and accuracy, and that identified solutions are cost effective.
- Support the information system contingency planning process in accordance with NIST SP 800-34 Revision (Current), Guide to Test, Training and Exercise Programs for Information Technology Plans and Capabilities, and ensure contingency plan test exercise results are documented in an after-action report and Lessons Learned corrective actions are captured for updating information in the Information Systems Contingency Plan (ISCP).
- Perform other job-related duties as assigned.

Information Systems Specialist - Mid Experience, Education, Skills, Abilities requested:

- With a Bachelor's degree in Information Systems or a related field, at least 6 years of experience required
- Without a Bachelor's degree, at least 10 years of related experience required
- Minimum of 6 years of information system and network security experience with an emphasis in Information Assurance
- 3 years of experience with federal government customers creating and maintaining IT Authorization to Operate (ATO) packages for new systems and interfacing/coordinating with the System Owners (SO), Business Owners, System Maintainers, and Developers
- Keen understanding of the Federal Information Security Modernization Act 2014 (FISMA) and federal requirements for reporting
- Keen understanding of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) in detail of all supporting steps, and of the Cybersecurity Framework (CSF) and Privacy Act
- Knowledge of the General Services Administration Federal Risk and Authorization Management Program (FedRAMP), including the process for continuous monitoring

At least 3 years of experience:

- Assisting system owners with the mitigation/remediation process, following corrective action plans.
- Conducting weekly and monthly vulnerability and compliance scans of Linux, Windows, and virtual environments with vulnerability tools such as Nessus, Splunk, Invicti (formerly Netsparker), and BigFix.
- Performing vulnerability application and database security assessment, scanning and results interpretation.
- With enterprise security architecture methodologies, concepts, procedures, principles, and tools.
- Contingency planning and backup and recovery best practices, and application of NIST guidance in this area.
- Ability to plan, execute and develop reports for application and network (internal or external) vulnerability analysis and provide technical recommendations to maintain and improve mission functionality.
- Using security control and privacy control findings and status from assessments to develop POA&Ms for controls that should be put in place to remediate vulnerabilities.

Minimum of CompTIA Security+ required within 6 months of hire if not in possession of one of the preferred certifications.

Must pass pre-employment qualifications of Cherokee Federal.

Company Information:

Criterion is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart. To learn more about Criterion, visit cherokee-federal.com.


Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Similar searchable job titles:

IT Systems Analyst, Network Administrator, Systems Support Specialist, IT Infrastructure Specialist, Systems Engineer

Keywords:

Information Systems, Troubleshooting, System Security, Performance Optimization, User Support

Legal Disclaimer:

Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.