Information Security Specialist III

🇺🇸 United States - Remote
🔒 Cybersecurity🟣 Senior

Job description

Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.

Position Description: The Information Security Specialist III supports the National Oceanic and Atmospheric Administration (NOAA) Internal Risk Management Program (IRMP), providing advanced technical, analytical, and programmatic expertise in the prevention, detection, and mitigation of insider threats. This key personnel position executes and advances NOAA’s IRMP objectives in compliance with federal security regulations, most notably Executive Order 13587, National Insider Threat Policy, NIST, FISMA, NSPM-33, and agency-specific guidance. The Information Security Specialist III collaborates with OCIO leadership, the Internal Risk Office, NOAA research teams, and interagency insider threat task forces to strengthen the security posture of NOAA’s classified and unclassified environments.

Location:  Hybrid (Silver Spring, MD)

Clearance: Active TS/SCI

Responsibilities and/or Success Factors: Information Security Program Development and Implementation

  • Lead the development and implementation of comprehensive information security policies, procedures, and protocols for insider threat detection and mitigation
  • Design and establish security frameworks that integrate physical security, personnel security, cybersecurity, and information assurance functions
  • Develop research security protocols in compliance with NSPM-33 to protect sensitive NOAA research activities from internal and external threats
  • Create and maintain security guidelines for handling classified national security information (CNSI) and controlled unclassified information (CUI) Risk Assessment and Analysis
  • Conduct comprehensive risk assessments of NOAA’s information systems, networks, and data repositories
  •  Analyze security vulnerabilities and develop mitigation strategies for identified risks
  • Evaluate and assess compliance with federal security standards including FISMA, NIST frameworks, and DoD cybersecurity requirements
  • Perform security impact assessments for new systems, applications, and processes Security Data Integration and Monitoring
  • Consolidate and analyze security data from multiple internal and external sources to identify potential insider threats
  • Design and implement data integration systems that provide real-time monitoring and actionable insights to leadership
  • Develop and maintain insider threat detection systems and behavioral monitoring capabilities
  • Ensure ethical data collection and analysis practices that comply with privacy regulations and civil liberties requirements Incident Response and Investigation
  • Coordinate incident response activities for suspected insider threat cases and security breaches
  • Conduct thorough investigations of security incidents involving classified systems and sensitive information
  • Document incident response actions and develop lessons learned for continuous program improvement
  • Collaborate with law enforcement agencies and external partners on complex security investigations Compliance and Audit Management
  • Ensure compliance with federal security regulations including Executive Order 13587, NSPM-33, FISMA, and NIST standards
  • Conduct regular security compliance audits and assessments
  • Prepare detailed compliance reports and corrective action plans for identified gaps
  • Maintain documentation for security authorization and accreditation processes Training and Awareness Program Support
  • Develop technical training materials and awareness programs focused on insider threat identification and mitigation
  • Provide expert consultation on security best practices and threat scenarios
  • Support the delivery of security training sessions for NOAA personnel, contractors, and uniformed services
  • Create technical resources and job aids for security awareness initiatives Stakeholder Collaboration and Communication
  • Serve as technical liaison with internal NOAA teams including the Cybersecurity Division and Human Resources
  • Communicate complex technical security concepts to non-technical stakeholders
  • Provide expert technical guidance to program leadership and government officials Policy Development and Documentation
  • Develop and maintain comprehensive security policies and standard operating procedures (SOPs)
  • Create technical documentation for security systems, processes, and procedures
  • Review and update security policies to ensure alignment with evolving threats and regulatory requirements
  • Contribute to the development of security guidelines and best practice documentation

Minimum Qualifications Including Certificates:

  • Must be a U.S. Citizen
  • Active Top Secret security clearance with SCI eligibility (required before contract start)
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related STEM field from an accredited college or university
  • Five (5) years of experience in information security, cybersecurity, or related field
  • Five (5) years of experience in insider threat detection, behavioral analysis, or risk management
  • Experience with federal compliance frameworks including FISMA, NIST Cybersecurity Framework, and Risk Management Framework (RMF)
  • Knowledge of classified information handling procedures and National Industrial Security Program Operating Manual (NISPOM) requirements
  • Experience with security incident response and investigation methodologies
  • Demonstrated experience with security data analysis and threat intelligence platforms
  • Strong analytical and problem-solving skills with attention to detail
  • Excellent written and verbal communication skills

Desired Qualifications:

  • Experience with NOAA or other federal agency cybersecurity programs
  • Professional security certifications (CISSP, CISM, GIAC, or equivalent)
  • Experience with behavioral analytics and insider threat detection tools
  • Knowledge of NSPM-33 research security requirements
  • Familiarity with NIST Special Publications (SP 800 series) and federal cybersecurity guidance
  • Experience with Security Information and Event Management (SIEM) systems
  • Knowledge of machine learning and artificial intelligence applications in cybersecurity
  • Experience with cloud security frameworks and technologies
  • Understanding of privacy protection principles and compliance requirements

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

Share this job:
Please let Arlo Solutions know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Arlo Solutions

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply