Senior Cyber Consultant - ISSO/ISSM

About The Position

Requirements

• Minimum THREE (3) years of experience in Cyber Security/ Information Assurance.
• Experience applying fundamental cybersecurity principles and concepts to tasks and projects.
• an ACTIVE and MAINTAINED DOD or Federal Secret Clearance
• Cyber certification - CISM, CISSP, or Security+
• Ability to work full time on site in Washington DC

Nice To Haves

• Experience working with networking, storage, intrusion detection/prevention systems, routers, switches, firewalls, logging, physical security systems, server, and workstation security configuration.
• Experienced with performing risk assessments on cloud computing platforms i.e., AWS, Google, Azure.
• Demonstrated ability leading successful teams and working in challenging situations.
• Strong written and oral communication skills and demonstrates leadership role with the client and fellow team members.
• Strong client leadership skills and ability to recognize opportunities for improvement to existing or future capabilities.
• Ability to lead teams to complete projects with attention to detail on tight timelines.
• Assures high quality work by taking advantage of learning opportunities and self-motivated.
• HVA Assessment Qualification

Responsibilities

• Apply fundamental cybersecurity principles and concepts to tasks and projects.
• Assess and implement NIST Cybersecurity Framework (CSF) guidelines, standards, and best practices for cyber security and risk management to strengthen an organizations security posture.
• Review disaster recovery capabilities (backups), Endpoint Detection and Response (EDR), Web Application Firewall (WAF), application whitelisting, host-based firewalls, etc. to provide continuous monitoring of end-user devices to detect and respond to cyber threats.
• Understand of Governance Risk and Compliance (GRC) requirements, standards, and guidelines governing security within the Federal Government (e.g., NIST publications, FISMA, and OMB memoranda) and aligning IT with business objectives to effectively manage risk.
• Apply NIST Risk Management Framework (RMF), NIST SP 800-53 controls, Assessment and Authorization processes, POA&M management, and System Security Plan, FedRAMP, and SOC 2
• Perform cybersecurity risk management, research and development, and leading practices.
• Gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs in cybersecurity.
• Develop strategies, roadmaps, assessments, and policies.
• Perform password auditing, network and web vulnerability scanning, virus management and intrusion detection.
• Monitor change management documentation to identify potential impacts to previous, current, and future security testing.
• Author risk narratives to communicate key risks to government CISO and security auditors.
• Support risk audits and assessments, provide recommendations for application design.
• Work with solution architects for security requirements on network architecture

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend