Information Systems Security Specialist

About the Role:

The Information Systems Security Specialist plays a critical role in safeguarding the organization's digital assets and information infrastructure. This position is responsible for designing, implementing, and maintaining security protocols to protect sensitive data from cyber threats and unauthorized access. The specialist will conduct regular security assessments, monitor network activity for vulnerabilities, and respond promptly to security incidents to minimize risk. Collaborating with IT teams and business units, the role ensures compliance with industry standards and regulatory requirements. Ultimately, this position aims to create a secure and resilient information environment that supports the organization's operational goals and protects stakeholder interests.

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or an equivalent STEM 1 degree from an accredited college or university.
• CISSP, CASP CE, CCNP Security, CISA, or equivalent to meet IAT level III requirements under the Cyber Workforce (CWF) program.
• At least 7 years of experience in information security or a related IT security role.
• Experience with Navy Risk Management Framework to include development of all elements of the ATO package.
• Strong understanding of network protocols, firewalls, VPNs, IDS/IPS, and endpoint security technologies.
• Familiarity with security frameworks such as NIST, ISO 27001, or CIS Controls.
• Experience with security assessment tools and incident response procedures.

Preferred Qualifications:

• Experience working in the military defense industries supporting military clients.
• Knowledge of cloud security principles and experience securing cloud platforms like AWS or Azure.
• Advanced skills in scripting or automation for security monitoring and response.
• Understanding of STIG requirements, patching, and updating security configurations.

Responsibilities:

• Develop, implement, and manage comprehensive information security policies and procedures.
• Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks.
• Monitor network traffic and security alerts to detect and respond to potential threats in real-time.
• Collaborate with IT and business teams to ensure security measures align with organizational objectives and compliance requirements.
• Provide training and guidance to staff on security best practices and incident response protocols.
• Investigate security breaches and coordinate remediation efforts to prevent recurrence.
• Maintain up-to-date knowledge of emerging cybersecurity threats, technologies, and regulatory changes.

Skills:

The required skills enable the specialist to effectively analyze and fortify the organization's security posture by applying technical knowledge of network and system defenses in the development of security packages under the NIST RMF Framework. Proficiency in security frameworks and tools allows for thorough risk assessments and the development of robust security policies. Communication and collaboration skills are essential for working with cross-functional teams to implement security measures and conduct training. Preferred skills such as cloud security expertise and automation enhance the ability to protect modern hybrid environments and streamline incident response. Together, these skills ensure the specialist can proactively defend against evolving cyber threats while supporting business continuity.