Senior Information Security Specialist

Minimum Clearance Required

Responsibilities

I2X Technologies is a reputable technology services company to the Federal Government. Whether the focus is on space exploration, national security, cyber security, or cutting-edge engineering applications, I2X is ready to offer you the chance to make a real-world impact in your field and for your country. We provide long-term growth and development. Headquartered in Colorado, I2X is engaged in programs across the country and in more than 20 states. Our programs support multiple Federal agencies, including the Department of Defense. We are seeking a Senior Information Security Specialist to support our customer’s operations in Washington, DC. This effort provides our Government customer with IT Staffing and Consulting services. This position will be on-site.

Responsibilities:

• Administer and maintain intrusion detection/prevention systems (IDS/IPS), SIEM platforms, and firewalls for both on-premises and cloud environments, including authoring custom detection content.
• Monitor real-time network activity, analyze logs and metadata, and investigate anomalies to confirm and respond to intrusion attempts across hybrid infrastructures.
• Perform full-scope digital forensics and incident response (DFIR), covering all phases from scoping and containment to recovery and lessons learned.
• Design and maintain secure network architectures and data loss prevention (DLP) solutions to safeguard sensitive data in cloud and on-premises systems.
• Execute comprehensive security assessments, including penetration testing, ethical hacking, and static/dynamic code analysis, to uncover and address vulnerabilities.
• Demonstrate deep technical understanding of network protocols, system hardening, encryption, identity and access management (IAM), and application security.
• Conduct risk assessments, security gap analyses, and develop actionable mitigation strategies in alignment with NIST, OMB M-22-09, and other federal cybersecurity standards.
• Deploy and support identity, credential, and access management (ICAM) solutions, including multifactor authentication and identity governance frameworks for federal environments.
• Lead compliance efforts, including control assessments under NIST 800-53, POA&M management, and executive reporting on security posture and residual risk.
• Collaborate with stakeholders to build consensus on vulnerability management, prioritize remediation, and ensure alignment with agile development and zero trust initiatives.

Qualifications

Essential Requirements:

• US Citizenship

Required Experience:

5-10 years of experience in the following:

• Administering and maintaining intrusion detection, prevention, and analysis platforms, including SIEMs, host-based systems, and firewalls, while authoring and implementing custom detection logic.
• Monitoring real-time network activity and analyzing raw data, metadata, and logs to identify, investigating, and responding to anomalies and cybersecurity incidents across on-premises and cloud environments.
• Implementing and maintaining data loss prevention (DLP) capabilities for safeguarding sensitive information in both local and cloud-based systems.
• Designing, supporting, and managing security infrastructure, including upgrading toolsets, applying patches, and configuring settings to align with organizational security goals and zero trust architecture.
• Conducting comprehensive security testing—including ethical hacking, static/dynamic code reviews, and system architecture assessments—for evaluating controls and identifying vulnerabilities.
• Analyzing security data to identify risks, assessing system vulnerabilities, and developing mitigation strategies aligned with federal standards and best practices.
• Leading and supporting vulnerability management efforts, including executing scans, evaluating risk, tracking compliance with BOD 22-01, and generating reports to guide remediation efforts.
• Collaborating with stakeholders for conducting gap analyses, prioritizing vulnerabilities, and developing actionable remediation plans for enterprise systems and networks.
• Deploying and managing enterprise-wide Identity, Credential, and Access Management (ICAM) solutions, supporting MFA, privileged access management, and identity lifecycle governance in compliance with OMB and NIST guidance.
• Developing technical and executive-level documentation, reports, and presentations for communicating findings, readiness status, and recommendations for improving cybersecurity posture.

Education and Certifications:

• A Bachelor’s degree from an accredited college or university

One or more of the following, as appropriate:

• Certified Incident Handler (GCIH)
• GIAC Network Forensic Analyst (GNFA)
• GIAC Certified Forensic Analyst (GCFA)
• Information Systems Security Engineering (ISSE)
• Certified Cloud Security Engineer (CCSE)
• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester (GPEN)
• Certified Information Systems Security Professional (CISSP)
• GIAC Enterprise Vulnerability Assessor (GEVA)
• Certified Analytics Professional (CAP)

I2X Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected Veteran status, or disability status. 

Salary bands have not yet been determined for this opportunity. I2X Technologies considers factors such as scope and responsibilities of the position, candidate’s work experience, education/training, key skills, internal peer equity, and market and business considerations when extending an offer.