Develop a software solution by studying information needs; conferring with users; studying systems flow, data usage, and work processes; investigating problem areas; following software development lifecycle.
Prepare and install solutions by determining and designing system specifications, standards, and programming
Provide essential support to draft new or update existing security policies, standards, guidelines, requirements, and/or operational manuals to align IT security policies and processes with emerging technology areas and address information technology security policy gaps.
Ensure alignment with mandated regulatory guidance and industry's best practices for security and information assurance.
Perform Independent review and analysis of organization IT security policies; to ensure alignment with mandated regulatory guidance and assess operational impact. Provide specific recommendations to improve daily operations and technology improvements for organization employees.
Develop companion technical procedure documents and plain language documents for implementing new or updated security policies.
Perform technical analysis and support for security policies which includes auditing policy items for validity and clarity.
Develop or update technical manual checklists (functional security requirements and implementation methods for hardening systems), and manual procedures.
Perform ad-hoc Security Technology Impact Assessments, responding to request to use new or emerging technology; for mitigating exceptions to current security policy. Identify risks/vulnerabilities associated with the technology and provide a mitigation recommendation.
Prepare response to stakeholder(s), requesting clarification to security policy or controls.
Prepare response to stakeholder(s), requesting deviation or exceptions to stated policy. Identify risks/vulnerabilities and provide a mitigation recommendation.
Remote support; however the individual may need to travel to an IRS facility once (or twice) a year to provide direct support to the customer. Preferred DC area or Omaha, NE
Other tasks as assigned
Knowledge and experienced developing application and database solutions, both front and backend.
Knowledgeable and experienced in all aspects of security.
Provides highly technical and specialized guidance, and solutions to complex security problems. Performs analyses and studies.
Prepares reports and gives presentations to management as necessary.
Experience in one or more of the following technology areas is preferred: Windows OS, UNIX, Linux, MAC O/S, Virtualization, Databases, Cloud Computing, Wired and Wireless networks, Mobile Devices, Vulnerability Scanning tools, Security Assessments, etc.
Proven experience in Information Assurance and Security; Expertise in NIST Standards or other Security Frameworks for implementing Security Controls; Analytical Skills;
Certification: CISSP, GLSC, or equivalent certification preferred
2 Years experience in Information Assurance / Certification and Assurance environment
2 Years experience in FISMA, NIST (FIPS 140, SP 800-53 Rev4, etc.)
2 Years experience in an IT operations environment, such as system administration, networking, client support
Performs duties independently or as a member of a team; Attention to detail; Excellent Writing and Communication Skills.
Position require a Public Trust Clearance which entails a detailed income tax and credit review. Do not apply if you know you cannot pass an IRS income tax and credit review.
Candidate must be a U.S. citizen or permanent resident to be eligible for consideration
Washington, DC/Bellevue, NE
Number of Openings