This job has expired

Security Lead

Employer
IDEMIA National Security Solutions
Location
Washington, DC
Closing date
Jan 25, 2022

Summary

IDEMIA NSS has an immediate opening for a Security Lead to provide SME services and thought leadership to agency heads, senior directors, and technical managers on any subject involving Information security program and/or security accreditation functions.

Responsibilities

Provide guidance on policy compliance for solutions via recommendations on risk assessment, control selection and mitigation approach.

Provide SME guidance for organizations to satisfy privacy-related regulations and recommend an approach for building privacy into IT service design and delivery.

Provide guidance on an approach for the organization to balance security, usability, compliance, and risk in a cloud and mobile first IT service delivery environment.

Analyze and define security requirements at program and system level, and direct development of security mechanisms for effectiveness and compliance.

Provide expertise for security intrusion, threat modeling, system vulnerability, network and software application security, and analytics.

Provide expertise on security integration for all stages in a Software Development Lifecycle for an organization.

Provide expertise on assessment of overall security for on-premise, cloud service or a managed service against applicable frameworks and standards such as NIST RMF, FedRAMP and others.

Direct programs and activities for achieving Authority to Operate (ATO) for IT services in a regulated environment such as FedRAMP.

Provide expertise for an organization's approach to inclusion of emerging security concepts, such as Zero Trust, to enhance security posture.

Minimum Requirements

12+ years of experience in Information security program and/or security accreditation.

Experience leading security accreditation of systems using NIST RMF, FedRAMP, NIST 500-53 and other application frameworks and standards.

Experience in global standards for information security such as ISO27000, PCI, and GDPR.

Master's degree in relevant field.

Active TS-SCI Clearance.

Highly desirable to have direct experience in supporting DHS in security accreditation of IT services following DHS IT security policies, standards, and frameworks.

Must have successfully led the security accreditation and achievement of Authority to Operate (ATO) for a complex distributed IT service/system in any large federal agency, preferably with DHS.

Must have experience in design and implementation of security controls in a distributed solution infrastructure to include cloud environment.

Must have technical knowledge and experience in supporting design, implementation, and accreditation of IT services involving PKI, KMS/HSM, and other cryptographic technology components, preferably for any ICAM/HSPD-12 solution.

Must be familiar and experienced with US Federal and DHS IT security and privacy policies, applicable regulatory frameworks, and standards, e.g., NIST 800-53, FIPS 201 and relevant documents, RMF, and FedRAMP.

Must have experience in performing IT security and privacy risk assessment following NIST guidelines and leading follow-on activities for risk mitigation (implementing necessary controls and safeguards).

Must have experience in leading development of all documentation related to security accreditation of IT systems and services based on US Federal, DHS and FedRAMP processes and frameworks for Cloud and on-premise delivery of service.

Must have direct experience in supporting client IT/Cyber security initiatives and programs in compliance with US Federal, DHS and other applicable standards.

Must be familiar with ISO27000, NIST RMF, 800-53, FedRAMP and all applicable NIST standards, guidelines, and federal directives.

Must be a US Citizen, without Dual Citizenship.

NSS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics.

Equal Opportunity Employer Statement

It is the policy of IDEMIA NSS to provide equal employment opportunities to all qualified employees and applicants for employment without regard to race, color, religion, national origin, ancestry, sex, gender identity, age, disability, participation in discrimination complaint-related activities, sexual orientation, genetics, or active military or veteran status, or any other protected characteristic, by either employees or non-employees. This non-discrimination policy applies to all employment procedures, including, but not limited to, recruiting, hiring, placement, promotion, transfer, training, compensation, termination, reduction in force, and all company-sponsored activities.

Affirmative Action Statement

NSS has adopted an Affirmative Action Plan ("AAP") and is committed to making a good faith effort toward achieving the objectives of the plan. It is the policy of NSS to base employment decisions on the principles of Equal Employment Opportunity ("EEO") and to take Affirmative Action in the employment of women, minorities, individuals with disabilities and veterans.

We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.

As a government contractor, NSS abides by the following provision:

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).
