Principal Security Specialist
Job details:
Job Title: Principal Security Specialist
Location: Arlington, Virginia
Duration: Full Time
- Duties include but are not limited to:
Perform Security Assessments and Technical Security Reviews (TSR) for classified and unclassified systems;
Ensure adherence to the DHS Systems Engineering Lifecycle (SELC) and Change Management (CM) principles;
Develop and update testing procedures, Rules of Engagement (RoE) and security assessment scripts;
Review output from existing vulnerability assessment tools (Nessus, AppDetective, etc.) to validate findings and identify false positives;
Identify security risks, threats and vulnerabilities;
Use NIST SP 800-53 (Rev 3 and 4) and DHS 4300A/B controls for testing the security controls within the C&A phase;
Review security controls using manual processes and automated tools;
Create, review, and edit System Security Plans (SSP);
Perform Risk Analysis;
Work with ISSOs, developers, and System Owners on the assessment of systems under test;
Develop Security Assessment Reports (SAR).
- Required:
Eligible for Secret, Top Secret or DHS/OBIM/NPPD Clearance
B.S. from an accredited institution in a Technical or Engineering related discipline. Relevant experience can be substituted for a degree.
Five (5) plus years of experience in IT Security with relevant security assessment planning and execution including use of automated assessment tools (Nessus, AppDetective, WebInspect, Core Impact, etc.)
In-depth knowledge of and experience in applying: OMB, DHS 4300A/B, FIPS, NIST SP-800 series standards; related Federal IT security mandates and best practices; and agency specific policies and directives derived from such
Excellent written and verbal communication skills
Excellent interpersonal skills
- Preferred: