Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.

Position Description:
The Information Security Specialist III supports the National Oceanic and Atmospheric Administration (NOAA) Internal Risk Management Program (IRMP), providing advanced technical, analytical, and programmatic expertise in the prevention, detection, and mitigation of insider threats. This key personnel position executes and advances NOAA’s IRMP objectives in compliance with federal security regulations, most notably Executive Order 13587, National Insider Threat Policy, NIST, FISMA, NSPM-33, and agency-specific guidance. The Information Security Specialist III collaborates with OCIO leadership, the Internal Risk Office, NOAA research teams, and interagency insider threat task forces to strengthen the security posture of NOAA’s classified and unclassified environments.

Location: Hybrid (Silver Spring, MD)

Clearance: Active TS/SCI

Responsibilities and/or Success Factors: Information Security Program Development and Implementation

Lead the development and implementation of comprehensive information security policies, procedures, and protocols for insider threat detection and mitigation
Design and establish security frameworks that integrate physical security, personnel security, cybersecurity, and information assurance functions
Develop research security protocols in compliance with NSPM-33 to protect sensitive NOAA research activities from internal and external threats
Create and maintain security guidelines for handling classified national security information (CNSI) and controlled unclassified information (CUI) Risk Assessment and Analysis
Conduct comprehensive risk assessments of NOAA's information systems, networks, and data repositories
Analyze security vulnerabilities and develop mitigation strategies for identified risks
Evaluate and assess compliance with federal security standards including FISMA, NIST frameworks, and DoD cybersecurity requirements
Perform security impact assessments for new systems, applications, and processes Security Data Integration and Monitoring
Consolidate and analyze security data from multiple internal and external sources to identify potential insider threats
Design and implement data integration systems that provide real-time monitoring and actionable insights to leadership
Develop and maintain insider threat detection systems and behavioral monitoring capabilities
Ensure ethical data collection and analysis practices that comply with privacy regulations and civil liberties requirements Incident Response and Investigation
Coordinate incident response activities for suspected insider threat cases and security breaches
Conduct thorough investigations of security incidents involving classified systems and sensitive information
Document incident response actions and develop lessons learned for continuous program improvement
Collaborate with law enforcement agencies and external partners on complex security investigations Compliance and Audit Management
Ensure compliance with federal security regulations including Executive Order 13587, NSPM-33, FISMA, and NIST standards
Conduct regular security compliance audits and assessments
Prepare detailed compliance reports and corrective action plans for identified gaps
Maintain documentation for security authorization and accreditation processes Training and Awareness Program Support
Develop technical training materials and awareness programs focused on insider threat identification and mitigation
Provide expert consultation on security best practices and threat scenarios
Support the delivery of security training sessions for NOAA personnel, contractors, and uniformed services
Create technical resources and job aids for security awareness initiatives Stakeholder Collaboration and Communication
Serve as technical liaison with internal NOAA teams including the Cybersecurity Division and Human Resources
Communicate complex technical security concepts to non-technical stakeholders
Provide expert technical guidance to program leadership and government officials Policy Development and Documentation
Develop and maintain comprehensive security policies and standard operating procedures (SOPs)
Create technical documentation for security systems, processes, and procedures
Review and update security policies to ensure alignment with evolving threats and regulatory requirements
Contribute to the development of security guidelines and best practice documentation

Minimum Qualifications Including Certificates:

Must be a U.S. Citizen
Active Top Secret security clearance with SCI eligibility (required before contract start)
Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related STEM field from an accredited college or university
Five (5) years of experience in information security, cybersecurity, or related field
Five (5) years of experience in insider threat detection, behavioral analysis, or risk management
Experience with federal compliance frameworks including FISMA, NIST Cybersecurity Framework, and Risk Management Framework (RMF)
Knowledge of classified information handling procedures and National Industrial Security Program Operating Manual (NISPOM) requirements
Experience with security incident response and investigation methodologies
Demonstrated experience with security data analysis and threat intelligence platforms
Strong analytical and problem-solving skills with attention to detail
Excellent written and verbal communication skills

Desired Qualifications:

Experience with NOAA or other federal agency cybersecurity programs
Professional security certifications (CISSP, CISM, GIAC, or equivalent)
Experience with behavioral analytics and insider threat detection tools
Knowledge of NSPM-33 research security requirements
Familiarity with NIST Special Publications (SP 800 series) and federal cybersecurity guidance
Experience with Security Information and Event Management (SIEM) systems
Knowledge of machine learning and artificial intelligence applications in cybersecurity
Experience with cloud security frameworks and technologies
Understanding of privacy protection principles and compliance requirements

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

Information Security Specialist 3

Arlo Solutions

Your Connections