SAP Cybersecurity Specialist

About The Position

Requirements

• Must be a U.S. Citizen (no dual status)
• Active DoD Secret security clearance (or higher) required
• Preference given to candidates with current or recent DoD experience
• 1-3 years relevant experience as a business analyst in ERP environment
• 2 years focused specifically on SAP years’ experience
• 1 year SAP experience in FI, CO, FM or Supply Management.
• Working knowledge of Information Assurance (IA) concepts such as patch management, multi-factor authentication, host-based security, intrusion detection, security event management and defense-in-depth is required
• Experience with Plan of Actions and Milestones (POAM), Information Assurance Vulnerability Management (IAVM), and compliance reporting for mission systems
• Active DoD 8570 certification required or must obtain prior to onboarding to the program
• At least one Security Certification (in order of preference): Certified Information Systems Security Professional (CISSP), Certified Info Sys Auditor (CISA)/Certified Info Sec Manager (CISM), Certified Ethical Hacker (CEH)
• Other similar certs may be acceptable on a case-by-case basis
• Experience in agile development implementation, preferably SAFe and/or DevSecOps.
• Bachelor’s Degree or equivalent experience
• Must be local to the DC Metro area and willing to be on client site in DC up to 5 days/week

Responsibilities

• Analyze and define security requirements for Multilevel Security (MLS) issues.
• Design, develop, engineer, and implement solutions to MLS requirements.
• Gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs in the MLS arena.
• Perform risk analyses which also include risk assessment.
• Work with clients to ensure security solution satisfies the objectives as defined in the security and operational requirements
• Work in multi-disciplined teams to define and design complex processes and procedures for the security maintenance of SAP and related application systems
• Support enhancement requests and resolve reported incidents within defined service level agreements
• Support all Risk Management Framework (RMF) activities to include Ongoing Security Assessments (OSA) such as updating control implementation statements and providing evidence to compliance assessment activities
• Support updating security documentation such as System Security Plan, Contingency Plan, Incident Response Plan, Privacy Impact Assessment, and other similar documents
• Prepare progress reports for internal leadership and for client and monitor project progress
• Mitigate risks, address issues, interface with clients, and keep the leadership informed on project status
• Develop basis of estimates and program schedule for multiple solution alternatives
• Author white papers, root cause analysis, other solution related documentation as needed
• Provide support to the management and perform duties as assign

Benefits

• Comprehensive medical, dental, and vision plans
• Flexible Spending Account
• 4% 401K Match (immediate vesting)
• Paid Time Off
• Tuition reimbursement, certification programs, and professional development
• Flexible work schedule
• On-site gym and childcare option