Subject Matter Expert (Secure the Enterprise)

About The Position

Requirements

• Demonstrate a high-level of independent thought, action and judgement
• Demonstrate a high-level of problem solving and solution development to include designing and developing full-stack data analysis solutions in Python and Django in a Linux server environment, and ability to maintain current applications
• Self-motivated, independent, detail-oriented, responsible team player
• Experience briefing and working with the highest levels of government agency leadership
• Ability to develop cross-organization and interagency relationships and maintain them over time
• A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37
• Knowledge of cloud architecture and cloud service providers
• Knowledge of Customer enterprise tools and solutions.
• Ability to effectively communicate with customers of various skill levels to resolve compliance issues
• Ability and willingness to perform deep dive analysis on customer issues to resolve their compliance challenges
• Knowledge of a broad spectrum of commercial security tools and their uses
• Experience with hardware/software security implementations
• Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services.
• Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance.
• Experience creating and presenting documentation and management reports.
• Clearance Required: TS/SCI
• Minimum Education: A master’s degree plus twelve (12) years Or a bachelor’s degree plus fourteen (14) years of related work experience
• Minimum Years of Experience: Twelve (12) years of experience with System Security or related customer-interfacing technical lead position.
• Two (2) years technical project leadership experience.
• Master's of Science (MS) degree in Computer Engineering, Computer Science, Computer Forensics, or related field from an accredited college or university.
• In lieu of a MS degree, a Bachelor of Science (BS) degree in Software Engineering, Computer Engineering, Computer Science, Computer Forensics, or related field, and an additional two (2) years of System Security experience may be substituted for a total of fourteen (14) years of experience.

Nice To Haves

• Familiarity the Secure the Enterprise program and the Zero Trust Initiative
• Experience working in a help desk environment with the ability to maintain professionalism under strenuous circumstances
• Should be committed to continuous learning and system development because of the constant developing nature of cyber attacks
• The ability to quickly learn new concepts, data formats, software and operating environments
• Advanced knowledge of Microsoft Office products, especially the ability to create formulas in Excel spreadsheets to perform data analysis tasks and professional presentations in PowerPoint.
• Competency in Visual Basic for Applications (VBA)
• Familiarity with the ICD503, CNSSI1253, SP800-53, etc.

Responsibilities

• Serve as Lead Technical Advisor for the Secure the Enterprise (STE) and Zero Trust (ZT) initiatives
• Advise on STE/ZT strategies, policies, and performance
• Brief the Chief Information Security Officer and Chief Information Officer on STE data, trends, updates, and changes
• Serve as the highest level of STE technical support to the security community
• Converse, analyze and advise on STE areas of concern
• Assist system personnel across the enterprise to maintain the appropriate operational security posture
• Provide guidance and technical expertise on all STE requirements
• Assist in the development and execution of an enterprise level STE compliance program
• Manually review submitted evidence and justifications for manual compliance validations
• Make recommendations to leadership for approval or rejection of requests for exceptions from STE security requirements
• Approve, or reject requests for manual validation or determination of applicability
• Work with information system personnel to troubleshoot and correct rejected requests for manual compliance validation, determinations of applicability and exceptions
• Review automated STE compliance data for errors or inconsistencies and report findings to leadership
• Assess the effectiveness of general IT and specific STE security controls on an ongoing basis to determine the STE program’s effectiveness
• Maintain, develop, and enforce STE security policies, implementation guidelines and customer training
• Coordinate with software developers to recommend changes, develop system requirements, and test new implementations

Benefits

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance