|
|
Apr 19, 2018 |
Baltimore, MD |
|
|
|
|
IS/Cybersecurity Specialist Location: Linthicum, MD Clearance: Top Secret, TS/SCI Preferred DOD 8570/8140 CERTS: CISSP, CISM, GSLC, CASP, CAP
Required Skills: • Risk Management Framework (RMF) experience • IA/Cybersecurity policy implementation • Federal C&A activities, eMASS (submission, validation, updates) • Computer systems security risk analysis and assessment. • Implementing and validating Security Technical Implementation Guidance (STIG), Security Requirements Guidance (SRG) for applications, DOD network architecture and network engineering practices, hardening Windows/LINUX operating system • DoD SCCVI, HBSS, ACAS and CMRS experience • DOD Test & Evaluation (T&E) practices for Cybersecurity • Validation of Security Control Requirements, STIG/SRG/ Customer Centric requirements, document findings formalized reporting format. • Analyzing and defining security requirements. • Analytical and organizational, communication skills (written and verbal communications) • Work in a dynamic work environment. • FISMA experience • Exceptional communication, interpersonal, problem solving, analytical and organizational skills. • Work well both independently and as part of a team.
Desired Skills: • Experience with computer vulnerabilities and exploits • Analyzing security event log data (Windows, UNIX, Database) • Networking, architectures, security elements, firewalls, intrusion detection systems, routers and proxies • Security tools: ArcSight, Splunk, system log reviews.
Role: • Work with Government Information Assurance Manager (IAM) implementing DoD and Air Force Policy on the DC3 networks. • Member of a team of IA professional’s, providing policy analysis, information sharing requirements, Certification and Accreditation support for multiple classified and unclassified networks. • Creating and validating system security requirements, establishing and implementing security designs in hardware, software, data, and procedures. • Conduct technical risk and vulnerability assessments of planned and installed information systems, assess and mitigate system security threats/risks throughout the system life cycle.
Responsible for preparing documentation such as Risk Assessment Reports (RARs) for the ISSM/CISO, System Security Plans (SSPs), Development of Plan of Action & Milestones (POA&Ms) to ensure compliance with Government and DC3 Cybersecurity policies and procedures. Will assist the ISSM/ISSO with the generation of cybersecurity documentation for system hardware and software assessments; assess the performance of IA Security controls for assess and authorize and assess only networks.
Qualifications: Suggested Qualifications: 18-22 years of professional experience without a degree; or 10-14 years of professional experience with a Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education; or 8-12 years of professional experience with a related Masters degree; or 4 years of professional experience required with a related PhD or JD; Considered an emerging authority / authority in discipline. Consideration should always be given for the level of specific domain expertise.
|
|
|
|
|
|