Information Technology Specialist - Risk Assessment

The Security IT Specialist plays a critical role in protecting TSA systems and sensitive information. The individual would work in one of three areas: cybersecurity policy, risk assessment, or compliance monitoring. The cybersecurity policy role requires evaluating emerging federal standards and regulations and converting them into meaningful internal cybersecurity guidance. The risk assessment role reviews the cybersecurity posture of TSA systems and coordinates assessment activities between technical assessors and control assessors. The compliance role assists with audits, monitors system progress in addressing vulnerabilities, and tracks TSA’s overall progress in meeting DHS requirements. Security specialists in GRC evaluate and track compliance with DHS and federal cybersecurity standards and establish TSA standards.

ABOUT THE JOB

This SkillBridge experience prepares transitioning service members for a cybersecurity-focused career within federal systems. Participants will get experience in Information Assurance/Governance, Risk, and Compliance (GRC). Participants will get program management experience coordinating assessments as well as technical experience reviewing vulnerability scans and security testing and identify potential risks and weaknesses across TSA systems. Effective communication and analytical skills are essential for this role. Individuals will help enforce compliance by reviewing security specifications for new systems and gain knowledge and skills in a variety of cybersecurity areas (assessment, policy, audits, etc.) as well as in soft skills such as communication, project planning/oversight, and customer engagement.

RESPONSIBILITIES

• Evaluating emerging federal standards and regulations and converting them into internal cybersecurity guidance.
• Reviewing the cybersecurity posture of TSA systems and coordinating assessment activities.
• Assisting with audits, monitoring system progress in addressing vulnerabilities, and tracking TSA’s progress in meeting DHS requirements.
• Enforcing compliance by reviewing security specifications for new systems.
• Gaining knowledge and skills in various cybersecurity areas and soft skills such as communication and project planning.

QUALIFICATIONS

• Proficiency in conducting vulnerability assessments and identifying security weaknesses.
• Experience in Information Assurance/Governance, Risk, and Compliance (GRC).
• Program management experience coordinating assessments.
• Technical experience reviewing vulnerability scans and security testing.
• Possession of cybersecurity certifications such as CompTIA Security+ or CISSP.

ADDITIONAL ELIGIBILITY

A successful candidate in Security IT Specialist should possess one or more of the following skills to identify, assess, and mitigate security vulnerabilities within a medium or large organizational IT infrastructure. Some proficiency in conducting of vulnerability assessments and identifying security weaknesses; these may focus on network, operating system, or web application vulnerabilities. Possessing cybersecurity certifications would benefit the candidate such as CompTIA Security+ or higher-level certificates such as Certified Information System Security Professional (CISSP).

BENEFITS

• Prepares transitioning service members for a cybersecurity-focused career within federal systems.
• Experience in multiple areas of cybersecurity and project management.

OTHER

N/A