Our Partner, as a prime contractor to the Government Customer, performs investigations to develop a preliminary diagnosis of the severity of breaches. They provide remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based and network-based cybersecurity analysis capabilities. They are seeking an Information Systems Security Specialist to support this critical customer mission.
Responsibilities
- Work as part of a team of Information Assurance professionals to manage the full Risk Management Framework lifecycle for Information Technology systems
- Assist technical/management leadership on major tasks or technology assignments
- Establish goals and plans that meet project objectives
- Assist in direction and control activities, having overall responsibility for security management, methods, and staffing to ensure that technical requirements are met
- Participate in client negotiations and interface with senior management
- Support decision making and domain knowledge that may have a critical impact on overall project implementation
- Provide support to plan, coordinate, and implement a cybersecurity lab's information security
- Provide support for facilitating and helping the lab identify its current security infrastructure and define future programs, design and implementation of security related to lab systems
- Assist the efforts of security staff to design, develop, engineer and implement solutions to security requirements
- Implement and develop the Customer's IT security standards
- Gather and organize technical information about the lab's mission goals and needs, existing security products, and ongoing programs
- Perform risk analyses, which also include risk assessment
- Plan and lead major technology assignments
- Evaluate performance results and recommend major changes affecting short-term project growth and success
- Function as a cyber technical expert across multiple project assignments
- Work closely with ISSM and CISO to respond to Data Calls and satisfy requirements of ATOs
Requirements
- US Citizenship
- TS/SCI Clearance
- Must be able to obtain DHS Suitability
- BS Information Management, Cybersecurity, Computer Science or related degree, or High School Diploma and 7+ years of information security management experience
- 5+ years of directly relevant experience in information security management
- Hands on experience with Linux operating systems or Amazon Web Services
- Experience supporting the NIST Risk Management Framework (RMF) process and contributing to a full ATO effort from initiation through authorization, including development of security documentation, control implementation statements, supporting assessment (audit) activities, and performing full POA&M management
- Beginning-to-end knowledge of RMF and Assessment and Authorization (A&A) documentation to include SSP, Contingency, Incident & Configuration Mgmt planning and execution
- Experience working on multiple complex assignments which are broad in nature, requiring originality and innovation in determining how to accomplish tasks
- Ability to apply a comprehensive knowledge across key tasks and high impact assignments
- Knowledge of Computer Network Defense (CND) policies, procedures & regulations
- Knowledge of defense-in-depth principles and network security architecture
- Knowledge of ATO requirements and strong experience with POAMs
- Knowledge of and experience with the full range of Microsoft Office products (Word, Excel, PowerPoint, and Visio)
- Knowledge of boundary protection and network segmentation
- Knowledge of authentication and access management techniques
- Experience with implementing and assessing security controls for hardware, software, and network deployments
- Must be able to work collaboratively with internal and external stakeholders across physical locations
Desired Skills
- Experience with Risk Management Framework software (CSAM, Xacta, Archer, RegScale)
- Experience with host and network scanning software (Nessus, Security Center, Tenable Vulnerability Management, nmap, Wiz, Burp)
- Experience with Endpoint Protection tools like CrowdStrike or Carbon Black
- Working knowledge of SIEM tools like Splunk, SOAR, or ELK
- Familiarity with role-based account processing operations
- Familiarity with zero trust architectures
- Familiarity with scripting languages (Python, AWS CLI, Lambda, Bash, PowerShell)
Desired Certifications
- DoD 8140.01 IAT Level III, CISSP, AWS, Cisco, Microsoft