The job below is no longer available.

Estimated Pay $20 per hour
Hours Full-time, Part-time
Location Washington, DC
Washington, District of Columbia

Estimated Pay
We estimate that this job pays $20.02 per hour based on our data.

About this job

Job Description

Economic Systems Inc. (EconSys) is an Equal Opportunity Employer now accepting resumes for an Information Systems Security Support Specialist (ISSS) to join our team in Falls Church, VA. The ISSS will play a crucial role in supporting the ISSM in maintaining and enhancing the security posture of our information systems. This role requires a deep understanding of security principles and practices, as well as hands-on experience with security tools and processes.

EconSys solves difficult issues and creates useful programs to help government organizations approach problems and decision-making more quantitatively. Our products and services are used by over 100 Federal agencies.

Responsibilities:

● Continuous Vulnerability Assessment: Regularly audit key touch points like user account administration, authentication, and authorization using tools like Burp Suite to identify vulnerabilities.

● Quarterly Account Review: Conduct reviews in compliance with NIST security controls AC-2 and AC-6, focusing on privileged accounts as per our role-based access scheme.

● Policy and Procedure Development: Assist in developing and updating security policies, processes, and procedures, ensuring they align with NIST standards and organizational goals.

● Evidence Collection and Analysis: Gather and analyze evidence from various systems and tools (e.g., LDAP, VPN, Jumpbox, Splunk) to ensure compliance and identify areas for improvement.

● Security Incident Response: Support the ISSM in responding to security incidents, including those involving Personally Identifiable Information (PII).

● Security Training and Awareness: Assist in providing annual security awareness and role-specific training for personnel.

● Compliance and Risk Management: Participate in the assessment of security controls, manage the Plan of Actions and Milestones (POA&M), and conduct risk assessments.

● Audit and Reporting: Conduct audits and prepare reports as per NIST guidelines (e.g., SI-6 Report, AC-2, AC-17, AU-6, IR-4, MA-4, SC-7, SI-4).

● Annual "Conmon" Checklist Execution: Assist in the annual review and update of various security procedures and controls as listed in the "Conmon" checklist.

● Development and Maintenance of Security Packages and Documentation: This includes the development and update of security authorization packages, updating security documentation throughout the NIST Risk Management Framework (RMF), and creation & maintenance of POA&M reports and corrective action plans.

● Assistance in Specific Security Activities: Involves assisting system owners with all Assessment & Authorization activities, including involvement in Continuous Monitoring (Configuration Management Change Control) activities as well.

● Active Involvement in Vulnerability and Risk Assessments: Both the performance and review of assessments that combine multiple knowledge areas (business objectives, information flow, safeguard requirements, network architecture, and operational policies).

● Security Recommendations and Independent Scans: Providing recommendations regarding network security and security control, and the implementation and coordination of independent scans of applications, networks, and databases.

● Comprehensive Security Process Management: Involves the development and maintenance of documentation, reports, project plans, review of weekly Nessus scan reports, coordination for weekly flaw remediation meetings, and other important security procedures not otherwise specified in the second list.

Qualifications:

● At least 2 years of experience executing the above tasks and responsibilities.

● Must have or be able to obtain Public Trust (U.S. Citizenship required), at a minimum.

● Experience in conducting interviews with key client stakeholders to evaluate the current state of Information systems according to information security practices.

● Experience in evaluating management, operational and technical security controls and documentation in accordance with NIST.

● Understanding of cloud technologies: SaaS, IaaS and PaaS.

● Familiar with Tenable Nessus, AppDetective DB and Burp Suite scanning tools.

● Knowledge of CSAM

● Good understanding of Windows and Linux Systems and System Virtualization.

● Strong knowledge of NIST security controls and hands-on experience with security tools.

● Excellent analytical skills and attention to detail.

● Strong communication and collaboration skills.

Company Description
EconSys is celebrating over 30 years in business and, over the past couple of years, has experienced explosive growth! Our office is expanding, our customer numbers have increased, and you’ll find our products and services used by over 100 Federal agencies. With this increased business, we need help providing our government customers direct support.
