IT Security Compliance Specialist (15.10)
OCT Consulting, LLC
Washington, district of columbia
Job Details
Full-time
Full Job Description
OCT Consulting, LLC is an SBA-certified, 8(a) small business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.
OCT is currently looking for an IT Security Compliance Specialist. This position is contingent upon contract award.
The ideal candidate will be proficient in key areas of security such as: Vulnerability Management, Intrusion Prevention and
Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol
Analysis, Firewall Management, Incident Response, Data Loss Prevention (DLP), Encryption, Two-Factor
Authentication, Web filtering, and Advanced Threat Protection.
Role:
- Analyze management and technical controls to ensure that specific security and compliance
requirements are met through the verification of documented processes, procedures, and
standards in order to validate the maintenance of secure configurations.
- Map requirements and regulatory requirements across the Risk Management Framework (RMF)
information security framework to identify overlapping requirements and compliance
efficiencies.
- Track enterprise compliance across multiple security frameworks including Service Organization
Control Type 2 (SOC 2), National Institute of Standards and Technology (NIST), and Federal
Information Security Management Act (FISMA) and maintain up-to-date records of
requirements and corresponding mitigating controls.
- Monitor third-party risk assessments and assist in performing internal risk assessments.
- Collaborate on critical IT projects to ensure that security policy/risk issues are addressed
throughout the project life cycle.
- Monitor change management process to ensure compliance.
Develop key performance metrics to track and ensure compliance with established policies and
standards.
- Support the development of security processes and procedures and support service-level
agreements to ensure that security controls are managed and maintained.
- Participate in the development of security and privacy awareness training in conjunction with
other members of the Security Compliance group.
Requirements
Requirements:
- 7+ years experience with A&A support.
- Proficient in all steps in the NIST RMF framework
- Knowledgeable in NIST special publications such as 800-53 & 800-53A
- Bachelor's degree or equivalent experience.
- At least one of the following certifications: CAP, GIAC, GSLC, CISM, CRISC, CISSP, or CASP
- Current Public Trust Clearance
Benefits
Benefits
The position includes competitive compensation and a full suite of benefits:
● Medical, Dental, and Vision insurance
● Retirement savings 401K plan provided by an industry-leading provider with 3% employer contributions.
● Paid Time Off
● Life Insurance, Short- and Long-Term Disability benefits
● Training Benefits
Salary: $100,000-125,000 to commensurate with experience, education, etc.
About OCT Consulting
OCT Consulting LLC is a certified SBA 8(a), minority-owned, small, disadvantaged business providing professional services and Information technology solutions to the federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations led by a management team with a track record of leading successful engagements at major federal government agencies.
OCT was founded on the balanced business principles of structure with agility; innovation with purpose; and effort with value. We have created a collaborative, fulfilling, inspiring, and transparent environment that values diverse perspectives. We continually challenge ourselves to find new and better ways to do what we do, looking outward to build on industry best practices and emerging tools while creating space for all ideas. Join our team. Bring your ideas to our important work.