IT Security Specialist III

Summary GAMA-1 Technologies, LLC seeks an experienced IT Security Specialist III to strengthen program efficiency, effectiveness, and consistency through timely, high-quality security assessments for all High and Moderate systems under the Risk Management Framework (RMF) in a telework environment. The specialist will plan, implement, upgrade, and monitor security measures to protect networks, systems, and information assets. Key responsibilities include assessing system vulnerabilities, identifying and mitigating security risks, and ensuring appropriate controls are in place to safeguard digital assets and critical infrastructure. The role may also involve responding to security incidents, breaches, and malware threats to maintain a secure operating environment.Supervisory ResponsibilitiesNoEssential functions/responsibilitiesReasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.Review all relevant security documentation for the system to be assessed. Review system-developed core security documentation. Document computer security and emergency measures policies, procedures, and tests.Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.Perform a thorough, accurate, and effective evaluation of the systems security controls.Provide technical security expertise on network defense, endpoint security, cloud security, and identity/access management.Develop high quality security authorization package documentation.Develop and maintain sound IT security policies, procedures, templates, and checklists for assessments.Collaborate with program managers, developers, and infrastructure teams to embed security throughout the system lifecycle.Train and mentor junior staff in cybersecurity best practices and federal compliance requirements.Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without formation Security and Confidentiality ObligationsEnsure adherence to organizational information security policies and procedures; actively participate in mandatory security awareness training; and manage confidential and sensitive information in accordance with company protocols and data protection standards.Basic Qualifications Bachelors degree in Engineering, Information Technology, Business, or a related field (or equivalent work experience).4-8 of experience in IT security, with at least 3 years supporting federal government systems. Knowledge of IT security policies and implementation standards, and comprehensive understanding of NIST guidance to include, but not limited to, NIST Special Publications and Federal Information Processing StandardsProficiency in applying IT security concepts, methodologies, principles, procedures and using industry-standard IT security toolsProficiency with enterprise architecture methodologies, concepts, procedures, principles, and toolsAbility to facilitate effective communications between federal clients, system personnel, and the assessment teamFamiliarity with various scanning and monitoring toolsFamiliarity with security assessments in a cloud environment Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project) Knowledgeable in penetration testingStrong verbal and written communication skillsMust be organized, timely, and customer service orientedAbility to work well independently and in a team settingAdaptability, flexibility, and ability to deal with ambiguity and changeExperience with NIST SP 800-37 Risk Management Framework, NIST 800-53 REV 5 and FISMA A&A continuous monitoringExperienced with Security Repository Tools such as Cyber Security Assessment and Management (CSAM) Preferred QualificationsRelevant professional certifications: CISSP, CEH, CISM, CCSP, CISA, CompTIA Security+Additional industry certifications (e.g., AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate) Work authorization/security clearance requirementsAbility to obtain a security clearance (Public Trust, Secret, or higher, depending on contract).Work environmentThis work will be completed in a telework environment with potential travel to client site in Silver Spring as required.Physical demandsProlonged periods of sitting at a desk and working on a computer.Must be able to access and navigate each department at the organizations and client facilities. Travel required YesProficiency RequirementThe employee is expected to demonstrate proficiency in all essential job functions, tools, and processes related to this position within the first 90 days of employment. This includes acquiring a thorough understanding of job-specific responsibilities, systems, and workflows as outlined during onboarding and training. Failure to meet this requirement may result in additional training, reassessment, or other actions as deemed necessary by management.GAMA-1 also offers a variety of benefits, including health insurance coverage, life and disability insurance, 401(k) savings plan, training and career development opportunities, paid holidays and paid time off (PTO - to cover vacation, illness or disability, appointments, emergencies or other situations that require time off from work). For more information click

Created: 2025-10-08