Cybersecurity Senior

About The Position

Requirements

• U.S. Citizenship is required.
• Master’s or Doctorate Degree in a related field and ten years of experience in the respective technical/professional discipline being performed, five years of which must be in the DoD OR, bachelor’s degree in a related field and 12 years of experience in the respective technical/professional discipline being performed, five of which must be in the DoD OR, 15 years of directly related experience with proper certifications, and eight of which must be in the DoD.
• Must hold and maintain a personnel certification associated with the DCWF Security Control Assessor work role (612) at an advanced (senior) proficiency level as outlined in DoDI 8510.01, AFMAN 17-1305 and AFI 17-101 for assigned systems/applications.
• CISM or CISSO or CPTE or CySA+ or FITSP-A or GCSA or CISA or CISSP or CISSP-ISSEP or GSLC or GSNA
• Must hold and maintain and active DoD Secret Clearance.
• Schedule: (M-F; 8-5)
• Work Location: - Onsite at Gunter Maxwell, AL

Responsibilities

• Ensure that system and application policies and procedures for the network are followed
• Review applications and systems plan, instructions, guidance, and standard operating procedures for the security of network systems operations
• Participating in the Information System Assessment Process (SAR)
• Assess security requirements for hardware, software, and services acquisitions specific to network environment/system cybersecurity programs
• Ensure that cybersecurity-enabled software, hardware, and firmware comply with appropriate network system security configuration guidelines, policies, and procedures
• Test and validation controls
• Use eMASS to review controls
• Review Plan of Actions and Milestones (POA&M) entries
• Ensure that cybersecurity inspections, tests and reviews are coordinated for the network system
• Review the selected security safeguards to determine that security concerns identified in the approved plan have been fully addressed
• Advise the AO, AODR, and application/system owner of any risks or vulnerabilities discovered
• Prepare Security Assessment Reports
• Provide risk assessments IAW NIST Special Publication 800-30 for authorization decisions and configuration changes.
• Participate in technical interchanges, security impact assessments and security assessment meetings with CDMs, ISSOs/lSSMs and AODR.
• Develop Security Assessment Report to document security vulnerabilities, mitigations, and overall risk determination.
• Validate eMASS controls or returns to submitter for re-testing.
• Perform automated and manual security testing; and,
• Support technical assessments of IT systems to include web applications, application servers, web servers, access control, and databases.

Benefits

• ESOP participation
• 401(k) match and safe-harbor contribution
• medical, dental, vision, life insurance, short-term disability, long-term disability
• flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts
• EAP
• education assistance
• paid time off, and holidays