GAMA-1 Technologies
IT Security Architect
GAMA-1 Technologies, Silver Spring, Maryland, United States, 20900
The IT Security Architect will support the National Oceanic and Atmospheric Administration’s (NOAA) National Environmental Satellite, Data, and Information Service (NESDIS) by advising on IT security requirements and best practices for system design solutions, develop migration and implementation plans, and assist with security risk measurement. The IT Security Architect must possess experience with NIST 800 publications standards. The candidate will have experience collaborating with a team of security professionals. Other key responsibilities include:Develop system designs compliant with architectural requirements and common controls following NIST guidelines;Provide Enterprise Security Architecture program and policy support;Develop, manage and review Configuration Management Plans, Operating Procedures, ConOps, Program Management Plans, and System Security Plans.
We are seeking individuals who take a consulting approach to supporting our government customers. Successful candidates will be proactive and motivated to succeed. Individuals must possess the communication and soft skills to work through challenges by balancing a wide array of stakeholders’ interests and requirements.
KEY DUTIESProvide consultation on information security best practices and advise on ways to enhance cybersecurity practices, techniques, and procedures;Provide expertise in security requirements for migrating on premise IT system into a FedRAMP Cloud environment;Apply in-depth understanding of the NIST Risk Management Framework;Provide constructive comments/edits to various IT security documents as a compliance check (ex: Review FIPS199, FIPS200, ISAs, SSP);Work with and assist NESDIS System Owners and Information System Security Officers in a collegial and non-confrontational manner from the perspective of a service organization/provider;Support IT security incident response and reporting;Utilize the various IT security tools used in NESDIS (ex: IBM Bigfix, Tenable Security Center/Nessus, Arcsight);Work with technical team and subject matter experts to collect and document system security control descriptions;Perform a variety of IT security tasks.
ESSENTIAL QUALIFICATIONSDetail oriented;Strong verbal communication skills;Excellent writing skills; extensive experience producing quality technical documentation;Excellent attention to detail and good analytical skills;Ability to work well independently and in a team setting;Adaptability, flexibility, and ability to deal with ambiguity and change;Must be organized, timely, and customer service oriented;In-depth knowledge of NIST SP 800-53 R4;In-depth knowledge of NIST SP 800-82.
TECHNICAL SKILLSExperience with IT Security Architecture or IT Security Engineering;Experience with RMF in the Cloud;Experience implementing IT security improvements, both technical and developing complete documentation;Experience with the various IT security tools used in NESDIS (ex: IBM Bigfix, Tenable Security Center/Nessus, ArcSight);Experience with IT security incident response;Knowledge of security best practices such as defense in-depth, least privileges, access controls, encryption;Knowledge of System and Network administration;Experience supporting a NOAA/NESDIS or other Mission system as either a ISSO or ISSO support person would be a plus.
EDUCATION, CERTIFICATIONS, AND OTHER QUALIFICATIONSBachelor’s Degree in Computer Science or related field (i.e., EE, CPE, MIS, IT);Preferred:
CISSP; or ability to obtain CISSP within 6 months (DOC CITR-06 Security Certifications);Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project);Ability to work well both independently and in a team setting;Adaptability, flexibility, and ability to deal with ambiguity and change;Ability to obtain and maintain a Public Trust clearance;Should possess and maintain one or more of the following certifications:ISC2 Certified Information Systems Security Professional (CISSP);ISC2 Information Systems Security Architecture Professional (ISSAP) - highly desirable;ISACA Certified Information System Manager (CISM);ISACA Certified Information System Auditor (CISA);GIAC Security Leadership Certification (GSLC);EC-Council Certified Chief Information Security Officer (CCISO);CSA Certificate of Cloud Security Knowledge (CCSK);Cloud Service Provider (CSP) Architecture Certification (CSP- AWS, Azure, Google).
Government Customer offers a hybrid work arrangement and currently requires 4 days per month onsite. Subject to change.
ABOUT GAMA-1GAMA-1 is a rapidly growing technology business that is based in Greenbelt, Maryland. GAMA-1 Technologies provides strategic information assurance, information security, and business enterprise and networking solutions to the Federal Government. Our success is based on the utilization of industry and agency standards, establishment of standardized processes, and IT Services expertise. At GAMA-1, we believe employees should grow, achieve, and develop just as the company grows, achieves, and develops. GAMA-1 is committed to providing our employees with opportunities for career advancement throughout their employment. For more information, visit www.gama1tech.com.GAMA-1 is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
#J-18808-Ljbffr
We are seeking individuals who take a consulting approach to supporting our government customers. Successful candidates will be proactive and motivated to succeed. Individuals must possess the communication and soft skills to work through challenges by balancing a wide array of stakeholders’ interests and requirements.
KEY DUTIESProvide consultation on information security best practices and advise on ways to enhance cybersecurity practices, techniques, and procedures;Provide expertise in security requirements for migrating on premise IT system into a FedRAMP Cloud environment;Apply in-depth understanding of the NIST Risk Management Framework;Provide constructive comments/edits to various IT security documents as a compliance check (ex: Review FIPS199, FIPS200, ISAs, SSP);Work with and assist NESDIS System Owners and Information System Security Officers in a collegial and non-confrontational manner from the perspective of a service organization/provider;Support IT security incident response and reporting;Utilize the various IT security tools used in NESDIS (ex: IBM Bigfix, Tenable Security Center/Nessus, Arcsight);Work with technical team and subject matter experts to collect and document system security control descriptions;Perform a variety of IT security tasks.
ESSENTIAL QUALIFICATIONSDetail oriented;Strong verbal communication skills;Excellent writing skills; extensive experience producing quality technical documentation;Excellent attention to detail and good analytical skills;Ability to work well independently and in a team setting;Adaptability, flexibility, and ability to deal with ambiguity and change;Must be organized, timely, and customer service oriented;In-depth knowledge of NIST SP 800-53 R4;In-depth knowledge of NIST SP 800-82.
TECHNICAL SKILLSExperience with IT Security Architecture or IT Security Engineering;Experience with RMF in the Cloud;Experience implementing IT security improvements, both technical and developing complete documentation;Experience with the various IT security tools used in NESDIS (ex: IBM Bigfix, Tenable Security Center/Nessus, ArcSight);Experience with IT security incident response;Knowledge of security best practices such as defense in-depth, least privileges, access controls, encryption;Knowledge of System and Network administration;Experience supporting a NOAA/NESDIS or other Mission system as either a ISSO or ISSO support person would be a plus.
EDUCATION, CERTIFICATIONS, AND OTHER QUALIFICATIONSBachelor’s Degree in Computer Science or related field (i.e., EE, CPE, MIS, IT);Preferred:
CISSP; or ability to obtain CISSP within 6 months (DOC CITR-06 Security Certifications);Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project);Ability to work well both independently and in a team setting;Adaptability, flexibility, and ability to deal with ambiguity and change;Ability to obtain and maintain a Public Trust clearance;Should possess and maintain one or more of the following certifications:ISC2 Certified Information Systems Security Professional (CISSP);ISC2 Information Systems Security Architecture Professional (ISSAP) - highly desirable;ISACA Certified Information System Manager (CISM);ISACA Certified Information System Auditor (CISA);GIAC Security Leadership Certification (GSLC);EC-Council Certified Chief Information Security Officer (CCISO);CSA Certificate of Cloud Security Knowledge (CCSK);Cloud Service Provider (CSP) Architecture Certification (CSP- AWS, Azure, Google).
Government Customer offers a hybrid work arrangement and currently requires 4 days per month onsite. Subject to change.
ABOUT GAMA-1GAMA-1 is a rapidly growing technology business that is based in Greenbelt, Maryland. GAMA-1 Technologies provides strategic information assurance, information security, and business enterprise and networking solutions to the Federal Government. Our success is based on the utilization of industry and agency standards, establishment of standardized processes, and IT Services expertise. At GAMA-1, we believe employees should grow, achieve, and develop just as the company grows, achieves, and develops. GAMA-1 is committed to providing our employees with opportunities for career advancement throughout their employment. For more information, visit www.gama1tech.com.GAMA-1 is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
#J-18808-Ljbffr