Sr. Information Systems Security Specialist - Top ...

Paradyme, a CATHEXIS Company is a rapidly growing government technology leader that puts service first, for its customers, its team and the communities it supports. We harness DevSecOps and Agile development processes to deliver exceptional results for digital transformations. Based in Tysons Corner, VA, our award-winning culture sets it apart through its team’s deep commitment to service and collaboration with its customers, each other and the community. Learn more at PARADYME.We are hring for a Senior Information Security Specialist for a position supporting a federal law enforcement agency. This posiiton requiers an Active Top Secret security clearance to be considered.Position Summary:We are seeking a highly qualified and experienced Senior Information Security Specialist with 10+ years of experience that will support the establishment, implementation, and maintenance of a life-cycle security model that develops, maintains, and dispositions of the customer. The Senior Specialist will assess information systems to ensure that the management, operational, personnel, and technical controls are functioning effectively during all phases of the system lifecycle. The Senior Specialist will focus on Identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities associated with information systems; Information system compliance with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA and SANS Institute, The Senior Specialist will take an important role in collaborating and providing security management, practices and federal policy expertise in the Agile development environments. The Senior Specialist be a leader responsible for coordinating with the contract team security personnel, especially the ISSO and also to the numerous system owners to ensure their products are operated and maintained in accordance with government policies and practices.Key Responsibilities:Lead or serve as Senior Subject Matter Expert (SME) within SAFe-aligned project environmentsEmpower, guide security teams to perform at peak operational levels as Team LeadEnsure system and data protection are mission-critical, business alignedCollaborate with stakeholders to evaluate and mitigate technical and operational cybersecurity risksApply 800-53 controls to assess, improve, and document system security postureValidate controls throughout the system lifecycle, supporting ISSOs where neededSupport selection and implementation of controls and industry best practicesLead FISMA compliance efforts, take part in contingency planning /incident response exercises, real event remediation and reportingSafeguard IT assets from malware and unauthorized activities via prevention and detection protocolsReview change requests, utilize change management tools to assess impactOversee documentation, POA&Ms, and continuous improvement of IA posture with cross-functional teamsMonitor system activity and audit logs using tools such as Splunk to detect and respond to anomaliesUtilize intrusion detection tools to validate integrity and critical file configurationsConduct assessments, execute vulnerability remediation through periodic scansManage and troubleshoot system access controls and permissions across diverse user groupsEnsure privileged user access is managed and mandatory training is completedInstall and maintain timely updates of critical patches and security hotfixesDemonstrate working knowledge of SSPs, including updating user guides and governance artifactsIf assigned, serve as Registration Authority (RA) for designated platforms to manage digital credentialsPromote cybersecurity awareness by leading or participating in training activitiesTechnical Experience or KnowledgeMinimum of 10+ years of security experience as an Senior Information Security Specialist equivalent positionPrevious hands-on technical experience in networking, system administration and development; and utilizing Splunk for audit log review and system alerting.Demonstrate experience with the following tools:JCAM (Joint Cybersecurity Authorization Management)Telos XactaGitLabAtlassian JIRA and ConfluenceMicrosoft SharePointBigFixTenable Security CenterIn addition, the ISSS should be capable of providing targeted input on key documentation efforts such as:Interconnection Security Agreements (ISAs)Security Assessment Reports (SARs) provided on an as-needed basis to support system authorization and risk management activitiesEducation/Certifications/SkillsAssociates degree or Bachelor’s in Systems Security, Cybersecurity, Computer Science, Information Technology, or related fieldHighly recommended in CompTIA Security+ or equivalent certificationPreferred certifications in the following to include one or all of the following:Certified Information Systems Security Professional (CISSP)Certified Cloud Security Professional (CCSP)AWS Certified Security - SpecialtyMicrosoft Certified: Azure Security Engineer AssociateGoogle Professional Cloud Security EngineerCompTIA Cloud+Agile Certifications, preferredStrong knowledge of SAFe/Agile methodologies software development life cycles, and modern project management tools and techniques like Continuous Integration and Continuous Deployment (CI/CD) practicesStrong problem-solving skills, with the ability to troubleshoot complex issuesExcellent communication, negotiation, and stakeholder management skillsParadyme, a CATHEXIS Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact

Created: 2025-08-08