Kearney & Company is seeking an Information Systems Security Specialist to join our team! The Information Systems Security Specialist will play a critical role in helping a large Federal agency ensure that the information systems security posture is maintained for key financial information systems. This individual will play an active role in monitoring financial information systems and their environment of operation. This will involve developing and updating security plans, as well as assessing security impacts resulting from changes to the information systems. Additional responsibilities include: General: Demonstrate professionalism and competence in the client’s environment Work in a team environment with clients and Kearney team members Balance multiple projects and/or tasks concurrently Ensure project deliverable compliance and quality Be a self-starter, self-motivated, and results-oriented Support firm-wide initiatives Provide recommendations for continuous improvement Information Security Compliance: Advise system owners regarding security considerations in applications systems procurement or development, implementation, Operations and Maintenance (O&M), and disposal activities (e.g., life cycle management) Assist the development and maintenance of Information Technology (IT) system security plans and contingency plans for financial management systems Participate in risk assessments to periodically re-evaluate the sensitivity of the system, risks, and mitigation strategies Work in close collaboration with the Information System Security Officer (ISSO), System Owner, and other stakeholders to manage the security or privacy aspects of information systems, including the day-to-day system security or privacy operations Ensure compliance with system-level policies, standards, and procedures Assist the ISSO in capturing system weaknesses in the Plan of Action and Milestones (POA&M) and ensure remediation in a timely manner Information Security Operations: Ensure the effective integration of security and privacy requirements into systems and system elements from the onset of development Assess security impacts related to third-party cloud service providers, including the effectiveness of security controls performed by third-party cloud service providers Interpret applicable laws and regulations into functional security requirements (e.g., Mult-factor Authentication (MFA), secure configuration baseline, etc.) Support assessments, reviews, evaluations, tests, and audits of the system by both internal and external entities Participate in vulnerability management efforts over information systems to minimize potential security risks posed by identified vulnerabilities Develop, implement, and maintain an information security program that includes proactive strategic planning related to industry trends and Federal Government information security mandates, laws, and regulations Qualifications Bachelor’s degree with a minimum of five years of experience executing information systems security compliance and operational activities Experience working with Federal Government agencies Working knowledge of National Institute of Standards and Technology (NIST) Special Publications (SP), the Federal Information Security Modernization Act of 2014 (FISMA), Federal Information Processing Standards (FIPS) 199, and/or Binding Operational Directive (BOD) 22-01 Strong written and verbal communication skills Ability to obtain and maintain a U.S. Security Clearance (requires U.S. citizenship) Preferred: Experience working with the Department of Health and Human Services (HHS) or other Federal/Department of Defense (DoD) customers strongly preferred Experience performing an ISSO role or working closely with an ISSO to perform ISSO roles and responsibilities (e.g., Authority to Operate [ATO], POA&M management, Risk Management, Continuous Monitoring) System Security Enhancement Advisory: Knowledge of new information security requirements (e.g., Zero Trust, Office of Management and Budget [OMB] M-21-31) and experience advising information systems security planning based on the current state of the security program Professional Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) KCO1701 #LI-MA1 Overview Exclusively focused on the Government, Kearney & Company provides financial services, including auditing, consulting, and technology services. Our commitment to our employees and clients as well as to dedication and trust, critical values to our Firm, have led to Kearney’s recognition as one of the leading accounting firms in the country. Based on our employees’ feedback, we are also consistently rated a Best Place to Work. Employment at Kearney means a flexible, collaborative, and open-minded work environment. We hope it is your “first easy decision.” Learn more at www.kearneyco.com/careers. EEO Notice Applicants have rights under Federal Employment Laws EEO Notice Work location is subject to change based on client requirements. Kearney & Company is an Equal Opportunity Employer and will consider all qualified applicants without regard to race, color, creed, genetic information, religion, national origin, ethnicity, gender; gender identity, sexual orientation, pregnancy, childbirth or related medical condition, age, disability or handicap, servicemember status, relationship or association with a protected veteran, and any other category protected by Federal, state, or local law. Click here to learn more. If you would like to request a reasonable accommodation, regarding accessibility of our website, a modification or adjustment of the job application or interview process due to a disability, please call 703-236-2391 or email accommodations@kearneyco.com. Please be advised that this contact information is for accommodation requests only and cannot be used to inquire about the status of an application. Family and Medical Leave Act (FMLA) FMLA is designed to help employees balance their work and family responsibilities by allowing them to take reasonable unpaid leave for certain family and medical reasons. Kearney & Company provides eligible employees with up to 12 weeks of unpaid, job-protected leave per year. Military family leave is available for up to 26 weeks under FMLA. Click here to learn more. Employee Polygraph Protection Act (EPPA) The EPPA prohibits most private employers from using lie detector tests either for pre-employment screening or during the course of employment. Kearney & Company adheres all provisions of the EPPA. Click here to learn more.