|Published||September 17, 2022|
|Location||Silver Spring, MD|
Computer World Services is seeking energetic candidates to support the National Oceanica and Atmospheric Administration (NOAA) Office of the Chief Information Officer (OCIO), Cyber Security Division (CSD) in achieving NOAA's cybersecurity mission: to protect and defend the use of cyberspace from cyber-attacks, and to protect NOAA information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Qualified candidate: Responsible for developing and managing Information Systems security. Analyzes information security systems and applications and recommends and develops security measures to protect information against unauthorized modification or loss. Familiar with a variety of the field's concepts, practices, and procedures. Relies on experience and judgment to plan and accomplish goals. Performs a variety of complicated tasks. May lead and direct the work of others. Typically reports to a project leader or manager. A wide degree of creativity and latitude is expected.
Key Tasks and Responsibilities
• Development and running of Tenable reports/dashboards
• Development and running of BigFix reports
• Ad-hoc reporting in Tenable and BigFix
• Data analysis and or auditing experience
• Research Binding Operational Directives (BOD)
• Create, Track, and Manage NOAA's CISA Known Exploited Vulnerability (KEV) Pages and Systems Opt-in patching status
• Research Common Vulnerabilities and Exposures (CVE)
• Excellent presentation skills
• Excellent teamwork
• Excellent independent time management
• Locate and define new process improvement opportunities
• Interpret various types of data, analyze results, and provide written reports
Education & Experience
• BS/BA degree required.
• Minimum of eight years of experience required.
• Knowledge and comprehensive understanding of U.S. federal IT security policies and implementation standards as documented in the National Institute of Standards and Technology (NIST) guidance to include, but not limited to, NIST Special Publications (SP) and Federal Information Processing Standards (FIPS) available online at csrc.nist.gov/.
• Working knowledge of Security Products, ranging from SIEM, Security Appliances, Network Devices, and Endpoint Protection.
• Knowledge of Cyber Security Assessment and Management (CSAM)
• Knowledge of Axonius is a plus
• Familiarity with the NOAA mission and major programs as described online at www.noaa.gov/.
One or more of the below or similar industry certification required
• ISC2 Certified Information Systems Security Professional (CISSP) (Desired)
• ISC2 CISSP - Information Systems Security Architecture Professional (CISSP-ISSAP) (Desired)
• ISACA Certified Information System Manager (CISM) (Desired)
• ISACA Certified Information System Auditor (CISA) (Desired)
• IAM III 8750 Baseline Certifications (Desired)
• US Government Public Trust clearance is required
• Candidate must be a US Citizen
Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)
• Remote / telework 80%; Onsite work 20% Onsite work to be performed at NOAA facility in Silver Spring, MD.
• Core Hours 0900-1500 hrs EST.
EOE AA M/F/Vet/Disability
EEO is the Law: www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf