Information Assurance Systems/Network Specialist - TS SCI eligible clearance required

LTS is seeking an experienced Information Assurance Systems/Network Specialist to support the coordination with business and technology teams, ascertaining system requirements, such as program functions, output requirements, input data acquisition, and system techniques and controls. The environment is dynamic, and client needs are often evolving; flexibility and forward-thinking views are important for success. This position will require an Active TS Security Clearance with SCI eligibility.

This position is 100% onsite in Washington D.C.

LTS provides trusted consulting, and solutions in an increasingly complex and growing world. Our deep expertise in technology and analytics helps us serve a broad constituency of clients that range from cabinet-level departments of the U.S. Government to the largest Federal IT contractors in the world.

LTS is a leading information technology (IT) provider for mission critical systems leveraging the latest technologies to deliver cutting edge solutions from small mobile applications to large, complex enterprise applications. Our professionals specialize in multiple disciplines including program management, system integration, system design, system development, cybersecurity, infrastructure and data analytics.

Responsibilities:

Assessment & Authorization (A&A) Support

• Provide technical cybersecurity support for System Owner (SO) in Assessment and Authorization (A&A) activities.

• Determine enterprise information assurance and security standards, ensuring compliance with policies and regulatory requirements.

• Develop and implement security standards, procedures, and solutions to meet customer requirements.

• Identify, report, and resolve security violations, ensuring systems remain compliant.

• Establish and enforce information assurance and security requirements based on user, policy, and resource demands.

• Perform risk and vulnerability assessments throughout the system development lifecycle.

• Ensure all Authorization to Operate (ATO) approvals are up to date and oversee the renewal process.

• Conduct Annual Security Reviews for ATO networks.

Network Security & Risk Management

• Analyze network architecture to identify vulnerabilities and mitigate security breaches.

• Audit network components, including desktops, servers, routers, and switches, to ensure compliance and security best practices.

• Develop and implement scanning and certification plans for network monitoring and security controls.

• Conduct weekly network vulnerability scanning, including remediation scans for patch compliance.

• Implement continuous monitoring of vulnerabilities, issuing security advisories to stakeholders within one business day of discovery.

• Develop and enforce risk and security policies, ensuring adherence to Risk Management Framework (RMF) standards.

• Maintain knowledge of security tools, hardware/software implementations, and encryption techniques.

Configuration & Change Management

• Lead the development of change management policies and standards, including establishing a Change Control Board (CCB).

• Implement and train teams on organizational change management processes and tools.

• Perform configuration management (CM) for software, hardware, and system documentation.

• Develop key performance indicators (KPIs) and metrics reporting for process improvements.

• Maintain communication with stakeholders and manage expectations related to security processes.

RMF & Compliance

• Implement Risk Management Framework (RMF) processes following NIST guidelines.

• Develop artifacts and evidence to satisfy RMF security controls and Control Correlation Identifiers (CCIs).

• Update and maintain the Plan of Action and Milestones (POA&M) to document vulnerabilities and corrective actions.

• Assess cybersecurity risks and document findings in formal risk assessments.

• Conduct security control reviews to ensure FISMA and NIST compliance.

• Manage system accreditation packages and ATOs using the DISA Enterprise Mission Assurance Support Service (eMASS) tool.

Security Monitoring & Incident Response

• Monitor network activity, applications, and hardware for suspicious activity or threats.

• Patch and mitigate security vulnerabilities to prevent cyber threats.

• Conduct targeted vulnerability scans as requested.

• Provide mitigation and remediation recommendations for identified security risks.

Documentation & Reporting

• Maintain and update security architecture documentation, security assessments, and compliance reports.

• Provide Maintenance Reports detailing patches, updates, configuration changes, backups, and vulnerabilities.

• Generate Outage/Impact Reports documenting network incidents affecting operations.

• Deliver additional reports and documentation in coordination with government stakeholders.

Required Skills, Experience & Qualifications:

• Minimum of six (6) years of related experience.

• Strong communication skills (oral and written) relay concise messaging and reporting to all levels of management.

• Great interpersonal skills and ability to work independently with minimal guidance/supervision.

• Strong analytical and investigation skills crafting solutions to challenging problems or issues.

• Bachelor's degree AND minimum or four (4) years of experience.

• Must possess one of the following DoD level Ill Security professional certifications (CISA, GIAC Certified Incident Handler (GCIH), GIAC Information Security Expert (GSE), GIAC Security Leadership (GLSC), Security Certified Network Architect (SCNA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and/or Certified Information Systems Auditor (CISA).

• Expert in Tenable Security Center (Tenable SC) for vulnerability scanning, risk analysis, compliance reporting, and continuous monitoring of IT assets to identify and remediate security weaknesses.

• Must have an Active TS security clearance with SCI eligibility.

• Must be a U.S. Citizenship is required.