(590) Information Security Specialist III

Overview(590) Information Security Specialist III at Arlo Solutions. Join to apply for the (590) Information Security Specialist III role at Arlo Solutions.Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.Position DescriptionThe Information Security Specialist III supports the National Oceanic and Atmospheric Administration (NOAA) Internal Risk Management Program (IRMP), providing advanced technical, analytical, and programmatic expertise in the prevention, detection, and mitigation of insider threats. This key personnel position executes and advances NOAA’s IRMP objectives in compliance with federal security regulations, most notably Executive Order 13587, National Insider Threat Policy, NIST, FISMA, NSPM-33, and agency-specific guidance. The Information Security Specialist III collaborates with OCIO leadership, the Internal Risk Office, NOAA research teams, and interagency insider threat task forces to strengthen the security posture of NOAA’s classified and unclassified environments.Location: Hybrid (Silver Spring, MD)Clearance: Active TS/SCIResponsibilities and/or Success FactorsLead the development and implementation of comprehensive information security policies, procedures, and protocols for insider threat detection and mitigationDesign and establish security frameworks that integrate physical security, personnel security, cybersecurity, and information assurance functionsDevelop research security protocols in compliance with NSPM-33 to protect sensitive NOAA research activities from internal and external threatsCreate and maintain security guidelines for handling classified national security information (CNSI) and controlled unclassified information (CUI) Risk Assessment and AnalysisConduct comprehensive risk assessments of NOAA's information systems, networks, and data repositoriesAnalyze security vulnerabilities and develop mitigation strategies for identified risksEvaluate and assess compliance with federal security standards including FISMA, NIST frameworks, and DoD cybersecurity requirementsPerform security impact assessments for new systems, applications, and processes Security Data Integration and MonitoringConsolidate and analyze security data from multiple internal and external sources to identify potential insider threatsDesign and implement data integration systems that provide real-time monitoring and actionable insights to leadershipDevelop and maintain insider threat detection systems and behavioral monitoring capabilitiesEnsure ethical data collection and analysis practices that comply with privacy regulations and civil liberties requirements Incident Response and InvestigationCoordinate incident response activities for suspected insider threat cases and security breachesConduct thorough investigations of security incidents involving classified systems and sensitive informationDocument incident response actions and develop lessons learned for continuous program improvementCollaborate with law enforcement agencies and external partners on complex security investigations Compliance and Audit ManagementEnsure compliance with federal security regulations including Executive Order 13587, NSPM-33, FISMA, and NIST standardsConduct regular security compliance audits and assessmentsPrepare detailed compliance reports and corrective action plans for identified gapsMaintain documentation for security authorization and accreditation processes Training and Awareness Program SupportDevelop technical training materials and awareness programs focused on insider threat identification and mitigationProvide expert consultation on security best practices and threat scenariosSupport the delivery of security training sessions for NOAA personnel, contractors, and uniformed servicesCreate technical resources and job aids for security awareness initiatives Stakeholder Collaboration and CommunicationServe as technical liaison with internal NOAA teams including the Cybersecurity Division and Human ResourcesCommunicate complex technical security concepts to non-technical stakeholdersProvide expert technical guidance to program leadership and government officials Policy Development and DocumentationDevelop and maintain comprehensive security policies and standard operating procedures (SOPs)Create technical documentation for security systems, processes, and proceduresReview and update security policies to ensure alignment with evolving threats and regulatory requirementsContribute to the development of security guidelines and best practice documentationMinimum Qualifications Including CertificatesMust be a U.S. CitizenActive Top Secret security clearance with SCI eligibility (required before contract start)Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related STEM field from an accredited college or universityFive (5) years of experience in information security, cybersecurity, or related fieldFive (5) years of experience in insider threat detection, behavioral analysis, or risk managementExperience with federal compliance frameworks including FISMA, NIST Cybersecurity Framework, and Risk Management Framework (RMF)Knowledge of classified information handling procedures and National Industrial Security Program Operating Manual (NISPOM) requirementsExperience with security incident response and investigation methodologiesDemonstrated experience with security data analysis and threat intelligence platformsStrong analytical and problem-solving skills with attention to detailExcellent written and verbal communication skillsDesired QualificationsExperience with NOAA or other federal agency cybersecurity programsProfessional security certifications (CISSP, CISM, GIAC, or equivalent)Experience with behavioral analytics and insider threat detection toolsKnowledge of NSPM-33 research security requirementsFamiliarity with NIST Special Publications (SP 800 series) and federal cybersecurity guidanceExperience with Security Information and Event Management (SIEM) systemsKnowledge of machine learning and artificial intelligence applications in cybersecurityExperience with cloud security frameworks and technologiesUnderstanding of privacy protection principles and compliance requirementsAAP StatementWe are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.Seniority levelMid-Senior levelEmployment typeFull-timeJob functionInformation TechnologyIndustriesIT Services and IT ConsultingArlington, VA | $90,000.00-$110,000.00; Reston, VA | $70,000.00-$100,000.00; Washington, DC | $95,000.00-$120,000.00 #J-18808-Ljbffr