Ref ID: 02720-0011750949

Classification: Security Manager

Compensation: DOE

RESPONSIBILITIES:

• Serve as Cybersecurity Subject Matter Expert (SME) for project teams

• Work with management, and project teams to gather, comprehend, and clearly articulate security-related requirements, success criteria, and metrics

• Develop DOD security authorization package documentation for updates to Authority to Operate (ATO) under RMF packages

• Develop supporting documentation including Cybersecurity Test Plans, Cybersecurity Test Scripts, Penetration test plans

• Use automated scanning tools (ACAS, SCC, etc) and perform manual checks to assess security baseline of developed projects against relevant DISA STIGs and SRGs

• understand how to configure and apply antivirus tools to developed systems as required

• Work with development teams to assess and remediate vulnerability findings when possible by applying patches and configuration settings

• Document open vulnerabilities (STIGs and patches) with justifications and/or remediation recommendations and create, track, and report using JIRA

• Estimate and plan work efforts, evaluate risks, and develop and report key metrics for reporting to management

• Monitor, evaluate, and continuously improve Client project teams’ security efforts by being a trusted advisor, facilitator, and problem solver

• Rigorously document work procedures and train others to perform tasks as required

• Share best practices and identify opportunities to implement improvements to organizations cybersecurity-related work instructions and team procedures

• Continuously monitor developments in DOD cybersecurity policies and procedure

REQUIRED EXPERIENCE:

• 2 or more years of experience in cybersecurity related work

• Prior experience with vulnerability scanning and antivirus tools including Tenable Nessus, STIG viewer (and STIGs), DISA SCC tool and benchmarks, and McAfee

• Prior hands-on experience imaging, installing, patching, and configuring physical and virtual Windows and Linux operating systems and network devices

• Knowledge of DOD/DON cybersecurity compliance processes including DoD 8500.01, DODI 8510.01 / RMF Framework and controls, OPNAVINST 5239.1D, and DISA STIGs / SRGs

• Prior experience developing DOD/DON compliance documentation

• Excellent computer skills with strong proficiency in Microsoft Windows, Microsoft Office package

• Works well individually or in a group setting

• Effectively works well with other employees

• Ability to work under pressure and time constraints

EDUCATION:

Accredited Bachelor’s degree in Engineering, Computer Science, IT, or Cybersecurity

Certification:

CISSP, CASP, or SEC