Information Security Specialist
- Arlington, VA
Mainstay Information Solutions is a service-disabled veteran-owned small business (SDVOSB) providing expert information security and technology services to the federal government.
Our core team is FITSP-M, CISSP, ITIL, and Security+ certified with more than six decades of information security, information technology, business, and communications experience. The core team has worked with a range of agencies including the U.S. Army, Office of the Secretary of Defense, Department of Homeland Security, Federal Bureau of Investigation, Department of Veterans Affairs, U.S. Coast Guard, and more.
At Mainstay Information Solutions our focus is securing your mission with loyalty and honesty — on time, on budget, exceeding expectations.
· Conduct security assessments of system security plans to help ensure that plans provide security controls for information systems that meet stated security requirements.
· Conduct comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls.
· Ensure compliance of security configurations for IT systems and aid in providing clear and concise processes and procedures for the implementation and enforcement of system security configurations.
· Support the risk management process by helping to determine and assign risk impact ratings in accordance with Federal Information Processing Standards (FIPS) 199 for IT systems and by aiding in the development and maintenance of Plans of Action and Milestones for IT systems identified in the Risk Management Framework process and annual security assessments of IT systems.
· Provide assessments of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities.
· Prepare the security assessment reports containing the results and findings from system security assessments.
· Support the development of system security documentation required for the Risk Management Framework (RMF) process, including but not limited to System Security Plans (SSPs), Security Assessment Reports (SARs), and Residual Risk Reports.
· Monitors security systems, and analyzes potential threats and vulnerabilities to client systems.
· Provides security analysis and consultation services for product, system and network architecture designs.
· Prepares remedial options and supervises correction of information security shortfalls.
· Ensures that the Information Systems Security department’s policies, procedures, and practices as well as other systems user groups are in compliance.
· Conducts structured walk-throughs to ensure integrity of system applications.
Top Secret Clearance required.