Job Abstract

Responsibilities:

• Applies extensive knowledge of a variety of the Cybersecurity field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems.
• Applies extensive experience with the implementation of the NIST SP 800 family of publications, particularly those associated with NIST’s Risk Management Framework and FedRAMP.
• Coordinating with system owners, IT staff, and developers to ensure all associated artifacts are accounted for as it applies to the Information System being accredited.
• Reporting, responding, and documenting the IS into the system of record at the customers site for each system to obtain ATO for the project.
• Ensuring system scans are properly imported into the system or record to meet Continuous Monitoring requirements as part of the RMF life cycle.
• Working with the ISSM/ISSE/SCA’s and coordinating with program PM through the RMF/A&A process.
• Applies extensive specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements.
• Applies extensive experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines.

• Works independently to solve problems quickly and completely.

• Possess ability to assess and weigh current and evolving security threats in an operational environment.
• Outstanding problem solving and analytical skills, including ability to create clear observations, analysis and conclusions based on customer interviews and data.
• Team player who can collaborate with multiple stakeholders to arrive at the best solution.

Nice to have:

• Applies extensive knowledge and experience with all of the following criteria:
  • Vulnerability scanning execution, assessment, and analysis
  • Operating system (Linux/Windows) and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
  • Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies
  • Application security, database security, and network security
  • Relies on extensive experience and judgment to plan and accomplish goals.
• Possess experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems.

Qualifications:

• Current TS/SCI w/FSP
• B.S. in Cybersecurity, Computer Science, or some related field with 8 - 10 years of experience, or a Master's with 6 - 8 years of experience
• The ideal candidate possesses a mix of Cybersecurity experience i.e., FISMA, Risk Management Frame Work (RMF), Governance, Compliance, Technical Security

To have one of the following certifications is a plus:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Ethical Hacker (CEH)
• CompTIA Advanced Security Practitioner (CASP)
• Systems Security Certified Practitioner (SSCP)
• Certified Information Systems Auditor (CISA)