IA Cybersecurity Reviewer

About The Position

Requirements

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Current DOD 8140 certifications (IAM Level II certification such as CAP, CASP+, CISM, CISSP, GSLC, CCISO, HCISPP or comparable)
• Current DOD 8140 certifications (IAT Level II certification such as CySA+, Security+, CCNA, GICSP, CND, SSCP)
• Cross-certified in multiple related technology areas in order to conduct reviews of network vulnerability scan, virtual infrastructure, cloud, and other related areas.
• Able to analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives (i.e., analysis of mitigations).
• Senior reviewers must have at least 2 years of direct experience
• Able to conduct reviews in the following areas: Boundary Security (i.e., Firewalls, Network Device Management (NDM), policies, and any boundary technology), Network Infrastructure (i.e., Firewalls, Routers, Switches, NDM, policies, and network infrastructure), Domain Name System (DNS), Exchange Server, Network Vulnerability Scan, Traditional Security, Releasable Review, Virtual Infrastructure and Environments, Cross Domain Solution (CDS) (Administrative and Limited Technical Review), Endpoint Security Solutions, Mobility (Wireless, Wireless Discovery, 802.11, BlackBerry Enterprise Server (BES), BlackBerry Handheld, etc.), Voice and Video over IP (VVOIP), Database (Oracle, SQL, or any other database), Windows Infrastructure, UNIX Infrastructure (includes all systems based on UNIX), Web Review (i.e., services, servers, etc.), Other Review (i.e., includes any technology not specifically assigned above using SRGs, STIGs, or best practices utilizing the most appropriate certified technology area)
• U.S Citizenship required
• Must have valid U.S Passport
• Must be able to support up to 70% travel to CONUS and OCONUS locations, and in adherence to all Task Order travel guidelines.
• DoD TS/SCI clearance or the ability to obtain SCI

Nice To Haves

• TS/SCI clearance

Responsibilities

• Provide expertise in current version of Vulnerability Scan Procedures Guide and any official correspondence sent via electronic transmission or verbal meetings to conduct scans.
• Conduct standard internal network scans, from the premise router inward while ensure scanning of all site-managed network spaces.
• Perform technical Security Readiness Reviews (SRR).
• Ensure the use the appropriate technology STIG/SRG and, where applicable, the appropriate automated script or tool for that technology.
• Conduct at least 8 mission sets per year.
• Conduct assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
• Assist in developing EXSUMs/ Briefings/Reports.
• Develop and maintain cybersecurity vulnerability review, inspection, and audit SOPs, TTPs, checklists, and guides.
• Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.