Cybersecurity Specialist - Assessor

Peraton•Fort Meade, MD

13h•Onsite

About The Position

Peraton seeks a Cybersecurity Specialist - Assessor to create Criteria, Measures, and Indicators for program assessments in support of Department of Defense Cyber Defense Command (DCDC) Readiness and Security Inspection (DRSI). Tasks include: Develop and maintain criteria, measures, and indicators on multiple classification levels in information systems and related documents. Continuously evaluate, improve, and update operational effectiveness inspection methodology and associated criteria. Review, coordinate, and update all criteria operations references (law, regulations, policy, and orders). Develop a performance-based assessment implementation plan that includes new/evolving MOEs. Maintain materials for program grading, scoring, and risk measurement performance standards. Develop new MOPs / MOEs based on lessons learned, new technologies and capabilities, and current threats to the DODIN. Identify applicable executive, DOD, Chairman of the Joint Chief of Staff (CJCS), NIST guidance/controls and other applicable policy or doctrine to be used as a baseline for assessing cybersecurity service capabilities and operational effectiveness and align to criteria. Identify datasets to assessing cybersecurity and map/align to criteria. Develop and maintain mapping to the Defense Cybersecurity Workforce Framework (DCWF).

Requirements

Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD. Will consider HS+12 years experience.
Must have IAT Level II Certification such as CCNA, CySA+ (SecurityX), GICSP, GSEC, Security+, CND, or SSCP within 90 days of start.
Must have IA CSSP Analyst Certification such as CEH, CFR, CCNA, CySA+ (SecurityX), GCIA, GCIH, GICSP, Cloud+, SCYBER, or PenTest+ within 90 days of start.
Active TS with ability to obtain SCI.
U.S Citizenship required.

Nice To Haves

Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
Knowledge of cybersecurity principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of cloud computing service models Software as Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).
Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.

Responsibilities

Develop and maintain criteria, measures, and indicators on multiple classification levels in information systems and related documents.
Continuously evaluate, improve, and update operational effectiveness inspection methodology and associated criteria.
Review, coordinate, and update all criteria operations references (law, regulations, policy, and orders).
Develop a performance-based assessment implementation plan that includes new/evolving MOEs.
Maintain materials for program grading, scoring, and risk measurement performance standards.
Develop new MOPs / MOEs based on lessons learned, new technologies and capabilities, and current threats to the DODIN.
Identify applicable executive, DOD, Chairman of the Joint Chief of Staff (CJCS), NIST guidance/controls and other applicable policy or doctrine to be used as a baseline for assessing cybersecurity service capabilities and operational effectiveness and align to criteria.
Identify datasets to assessing cybersecurity and map/align to criteria.
Develop and maintain mapping to the Defense Cybersecurity Workforce Framework (DCWF).