Isso / Issm

About The Position

Requirements

• Minimum SIX (6) years of experience in Cyber Security/ Information Assurance.
• Bachelors Degree
• Experience applying fundamental cybersecurity principles and concepts to tasks and projects.
• An ACTIVE and MAINTAINED DOD or Federal Secret Clearance
• Cyber certification - CISM, CISSP, or Security+
• Ability to work full time on site in Washington DC

Nice To Haves

• Experience working with networking, storage, intrusion detection/prevention systems, routers, switches, firewalls, logging, physical security systems, server, and workstation security configuration.
• Experienced with performing risk assessments on cloud computing platforms i.e., AWS, Google, Azure.
• Demonstrated ability leading successful teams and working in challenging situations.
• Strong written and oral communication skills and demonstrates leadership role with the client and fellow team members.
• Strong client leadership skills and ability to recognize opportunities for improvement to existing or future capabilities.
• Ability to lead teams to complete projects with attention to detail on tight timelines.
• Assures high quality work by taking advantage of learning opportunities and self-motivated.
• HVA Assessment Qualification

Responsibilities

• Apply fundamental cybersecurity principles and concepts to tasks and projects.
• Assess and implement NIST Cybersecurity Framework (CSF) guidelines, standards, and best practices for cyber security and risk management.
• Review disaster recovery capabilities (backups), Endpoint Detection and Response (EDR), Web Application Firewall (WAF), application whitelisting, and host-based firewalls.
• Provide continuous monitoring of end-user devices to detect and respond to cyber threats.
• Understand Governance Risk and Compliance (GRC) requirements, standards, and guidelines governing security within the Federal Government.
• Align IT with business objectives to effectively manage risk.
• Apply NIST Risk Management Framework (RMF), NIST SP 800-53 controls, Assessment and Authorization processes, POA&M management, and System Security Plan, FedRAMP, and SOC 2.
• Perform cybersecurity risk management, research and development, and leading practices.
• Gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs in cybersecurity.
• Develop strategies, roadmaps, assessments, and policies.
• Perform password auditing, network and web vulnerability scanning, virus management and intrusion detection.
• Monitor change management documentation to identify potential impacts to previous, current, and future security testing.
• Author risk narratives to communicate key risks to government CISO and security auditors.
• Support risk audits and assessments, provide recommendations for application design.
• Work with solution architects for security requirements on network architecture.

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Parental Leave
• 401(k) Retirement Plan
• Group Term Life and Travel Assistance
• Voluntary Life and AD&D Insurance
• Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
• Transit and Parking Commuter Benefits
• Short-Term & Long-Term Disability
• Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Care.com annual membership
• Employee Assistance Program
• Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
• Position may be eligible for a discretionary variable incentive bonus