About the position
The role involves planning, implementing, upgrading, and monitoring security measures to protect computer networks and information. The individual will ensure that appropriate security controls are in place to safeguard digital files and vital electronic infrastructure, and will respond to computer security breaches and viruses. The position requires the rigorous application of cybersecurity policies, principles, and practices in delivering all Information Technology (IT) and cybersecurity services. The candidate will develop and design security solutions to maintain the confidentiality, integrity, and availability of information throughout the enterprise. They will identify, plan, and document improvements to security controls, and develop recommendations and courses of action (COAs) to solve complex cybersecurity problems. Additionally, the role includes planning and scheduling the installation of new or modified security hardware, operating systems, and software applications, and ensuring the assessment and implementation of identified computer and network environment fixes as part of the Cybersecurity Vulnerability Management program. The candidate will guide the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program.
Responsibilities
- Maintaining the appropriate operational security posture for an information system
- Manage the security of the information system through Certification & Accreditation (C&A)
- Support the information system owner for the completion of security related responsibilities
- Review System Security Plans (SSP) and solutions
- Recommend security mechanism implementations
- Evaluate and document the effectiveness of solutions implemented to provide the 'CIA Triad'
Requirements
- Minimum five (5) years of experience with cybersecurity or information assurance
- Minimum of Bachelor’s Degree in a technical or business discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline
- One of the following security certifications (active status): CGRC, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO - (minimum DoD 8570 IAM Level II Certification)
- Must know Risk Management Framework (RMF)
- Active TS/SCI + Polygraph
Nice-to-haves
- Experience with DoD Cybersecurity Policies
- Experience with Xacta Solutions (Xacta 360)
- Knowledge of Enterprise Mission Assurance Support Service (eMASS)
- Exposure to AWS (Amazon Web Services), ACAS (Security scanning software), vCenter, WSUS (Windows Server Update Service), and/or STIGs/IAVA
- A problem solver who can get in, be given a project, and use engineering skills to determine a solution
- Able to build systems from the ground up – network architecture/systems engineering
Benefits
- 401K: up to 3% discretionary profit sharing contribution + 100% match on the 1st 7% of pay
- PTO: 20 days per year
- Healthcare, dental, vision, Free for a single participant
- $50,000 Life insurance provided, additional voluntary life insurance available
