Cyber Lead

About The Position

Requirements

• Active Top-Secret Clearance with SCI eligibility
• BS degree in Cybersecurity/Computer Science/Engineering or other relevant field from an accredited university with 10+ years of experience. Additional years of experience can count in lieu of a degree, and vice versa.
• Experience managing and mentoring team of security engineers
• Must have IAT Level III or IAM Level III certification.
• DoD 8570.01/8140.03 Certification: CISSP, CISA, CISM, CASP+
• Broad knowledge of computer networking concepts and protocols, and network security methodologies
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
• Broad knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
• Experience in reviewing and implementing secure configuration management techniques. (e.g., Security Technical Implementation Guides (STIGs).
• Broad knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Practical experience in guiding systems through NIST SP 800-37 RMF steps, from Prepare to Monitor, using CNSSI 1253 to ascertain appropriate Confidentiality, Integrity, and Availability levels, and the NIST SP 800-53 controls associated with each level.

Nice To Haves

• Deep understanding of software development methodologies, including Agile/Scrum, and ability to mentor teams in their adoption and execution
• Knowledge of Atlassian suite (Confluence, Jira, BigPicture)
• Aerospace Quality AS9100
• Experience with Enterprise Mission Assurance Support Service (eMASS) and Xacta.
• Familiarity using STIG Viewer.
• Familiarity with ACAS, ELK, Splunk or other monitoring tools.
• Additional Certifications/Preferred Not Required: ISC2 Certified in Governance, Risk and Compliance (CGRC).
• Familiarity with Space or Weapons system development, sustainment, and security operation

Responsibilities

• Collaborates with customers and interdisciplinary engineering teams to assess operational demands, break down requirements, and formulate cybersecurity functional requirements.
• Manage and mentor a team of security professionals, delegating tasks and overseeing overall performance of the security team.
• Participate in development and execution of critical development program gate reviews including SRR/SDR, PDR, CDR, TRRs and QPMRs
• Support business rhythm for baseline management, monthly reporting, status and communication for Earned Value Management
• Manage the employment of the Risk Management Framework (RMF) to secure and maintain Authorization to Operate (ATO), Interim Authorization to Test (IATT), and Authority to Connect (ATC) for all accredited information systems, encompassing both on-premise and cloud platforms.
• Develop and maintain System Security Plans (SSP), Security Controls Traceability Matrices (SCTM), Risk Assessment Reports (RAR), Continuous Monitoring Plans (ConMon), Security Assessment Reports (SAR), and Plans of Actions and Milestones (POA&M).
• Lead team to develop and update documentation, policies, and procedures, including Ports, Protocols, and Services Management (PPSM) worksheets, system and network diagrams/descriptions, and Standard Operating Procedures (SOPs).
• Coordinate and conduct security audits and system updates to detect nonstandard events and ensure the integrity of systems and information.
• Play an active role in conducting continuous monitoring activities on Accredited Information Systems (AIS) in their respective environments of operation to include developing and updating system artifacts, managing, and controlling changes to the system.
• Conduct security impact analysis activities on all configuration management changes to the authorization boundaries.
• Report Cyber incidents or vulnerabilities to the government chain of command and then, as required, to the assigned ISSM.
• Strong ability to produce and maintain varied technical documentation.

Benefits

• medical
• dental
• vision
• paid time off
• Employee Stock Ownership Plan (ESOP)
• 401(k)
• life insurance
• flexible work schedules
• holidays