|Apr 19, 2018
Location: Linthicum, MD
Clearance: Top Secret, TS/SCI Preferred
DOD 8570/8140 CERTS: CISSP, CISM, GSLC, CASP, CAP
• Risk Management Framework (RMF) experience
• IA/Cybersecurity policy implementation
• Federal C&A activities, eMASS (submission, validation,
• Computer systems security risk analysis and assessment.
• Implementing and validating Security Technical
Implementation Guidance (STIG), Security Requirements
Guidance (SRG) for applications, DOD network architecture
and network engineering practices, hardening Windows/LINUX
• DoD SCCVI, HBSS, ACAS and CMRS experience
• DOD Test & Evaluation (T&E) practices for Cybersecurity
• Validation of Security Control Requirements, STIG/SRG/
Customer Centric requirements, document findings formalized
• Analyzing and defining security requirements.
• Analytical and organizational, communication skills
(written and verbal communications)
• Work in a dynamic work environment.
• FISMA experience
• Exceptional communication, interpersonal, problem
solving, analytical and organizational skills.
• Work well both independently and as part of a team.
• Experience with computer vulnerabilities and exploits
• Analyzing security event log data (Windows, UNIX,
• Networking, architectures, security elements, firewalls,
intrusion detection systems, routers and proxies
• Security tools: ArcSight, Splunk, system log reviews.
• Work with Government Information Assurance Manager (IAM)
implementing DoD and Air Force Policy on the DC3 networks.
• Member of a team of IA professional’s, providing policy
analysis, information sharing requirements, Certification
and Accreditation support for multiple classified and
• Creating and validating system security requirements,
establishing and implementing security designs in hardware,
software, data, and procedures.
• Conduct technical risk and vulnerability assessments of
planned and installed information systems, assess and
mitigate system security threats/risks throughout the
system life cycle.
Responsible for preparing documentation such as Risk
Assessment Reports (RARs) for the ISSM/CISO, System
Security Plans (SSPs), Development of Plan of Action &
Milestones (POA&Ms) to ensure compliance with Government
and DC3 Cybersecurity policies and procedures. Will assist
the ISSM/ISSO with the generation of cybersecurity
documentation for system hardware and software assessments;
assess the performance of IA Security controls for assess
and authorize and assess only networks.
Qualifications: Suggested Qualifications: 18-22 years of
professional experience without a degree; or 10-14 years of
professional experience with a Bachelors degree from an
accredited college in a related discipline, or equivalent
experience/combined education; or 8-12 years of
professional experience with a related Masters degree; or 4
years of professional experience required with a related
PhD or JD; Considered an emerging authority / authority in
discipline. Consideration should always be given for the
level of specific domain expertise.