$100K - $150K(Ladders Estimates)
Bowhead seeks a Cyber Security Analyst - Senior to support NAVEBS solutions at the Washington Navy Yard. The Senior Cyber Security Analyst must be experienced in Defense Acquisition programs and familiar with developing cyber security requirements, and strategy in compliance with all DoD, Federal and DON security-related policies, including FISMA and others.
The ideal candidate must elevate their view above stereotypical cybersecurity compliance and monitoring to be able to perform oversight at the program level. This oversight must include network, platform and SAP applications (including Oracle DBs). This person must be able to write TOD: Test of Design (assessing the design of the control) and TOE: Test of Effectiveness (assessing the effectiveness of the control) to determine if Cybersecurity personnel along with external agencies are maintaining the systems within the portfolio as required to meet RMF and FISCAM criteria continuously with defined frequencies.
Qualified candidates must have knowledge and experience to develop and effectively manage processes, procedures and communicate with other teams for mitigating external audit findings. Responsibility for cybersecurity issues may include those related to system architecture, additional tools to enhance system security and monitoring, FISCAM and audit-related issues and requirements, testing and issues related to Cloud hosting.
Essential functions will include but not be limited to:
• Serving as a trusted advisor to build and cultivate relationships while providing independent value-added audit and advisory services.
• Participating on project teams that conduct independent assessments of DON's information systems through the execution of risk analysis, control evaluation, and audit testing procedures and techniques.
• Participating in the execution of audit and advisory projects from audit planning activities through completion.
• Developing and writing Test of Design (TOD) documents for assessing the design of the control and Test of Effectiveness (TOE) documents for assessing the effectiveness of the control for the department.
• Independently performing assigned audit testing (TOD) and providing conclusions on the effectiveness of controls (TOE).
• Must have demonstrable ability to multi-task, by clearly documenting the results of testing on more than one audit concurrently.
• Must constantly develop increasing technical knowledge and understanding of the department's audit methodology, Cyber Security controls, and internal controls.
• Must be able to effectively communicate audit issues and related recommendations in both technical and non-technical terms to Operational and IT management.
Requirements • Specialized experience with at least seven (7) years of technical experience with implementation of cybersecurity, DoD system accreditations, implementation of security controls and management of security-related Cloud Hosting/Network Infrastructure issues with a minimum of five (5) years of experience in a cybersecurity leadership position is required.
• Bachelor's degree from an accredited college or university in Computer Science, Cybersecurity or Information Technology, or equivalent experience is required. An educational equivalency of at least four (4) years of experience with applying technical security controls and RMF Authorizations, or in a comparable assignment (i.e., Information System Security Manager, etc.) on an enterprise business system may be substituted for a Bachelor's degree.
• Applicable current cybersecurity certification (e.g., CISSP, CAP, CASP, CISA, CISM) is required.
• Knowledge of developing CS requirements, CS Strategy, Program Protection Plan documentation and the application of the above documents and knowledge of DoD PKI implementation.
• Familiarity with DoD, DON and Federal cybersecurity policies and guidelines
• Ability to communicate effectively with all levels of employees and outside contacts. To receive and respond to instructions/assignments, must be able to read, write and speak English.
• Strong interpersonal skills and good judgment with the ability to work alone or as part of a team
SECURITY CLEARANCE REQUIRED: Must currently hold a security clearance at the Secret level. US Citizenship is a requirement for Secret clearance at this location.
Valid Through: 2019-10-18