Cyber Vulnerability Assessment SME(s) with TS/SCI

Job Summary

Vosago is seeking Cybersecurity SME(s) to support a CISA cyber security program.

Position: Full-time

Citizenship: U.S. Citizenship

Location:  Arlington, Virginia or Corry Station, Pensacola, Florida 
Work under this contract will primarily be performed at the Contractor’s facility. Work may also be performed at the following Government locations and through telework:
The primary place of performance will be the proposed contractor facility. However, Contractors requiring SCIF access will be required to report to the CISA 4601 address at N. Fairfax Drive in Arlington, Virginia (Ballston One) or Corry Station, Pensacola, Florida. Due to limited office space within Government facilities, the Contractor and subcontractor personnel may be required to work from the prime or subcontractor facilities when adequate workspace is not available at the Government site

Clearance: TS/SCI 

Responsibilities and Duties:

The SME Cyber Vulnerability Assessment Analyst is responsible for leading penetration testing, developing advanced security scenarios and testing systems against those scenarios, developing advanced security architectures for the implementation of custom countermeasures, provides security considerations to advise system engineering teams with the objective to reduce errors, flaws, and weaknesses that may constitute security vulnerability, performing advanced code analysis, and performing advanced protocol analysis for nation-state and state-sponsored cyber threat actor capabilities.
The purpose of this Statement of Work (SOW) is to obtain administrative security support, security evaluation, risk management, and security monitoring and incident response services for CISA, CSD, and CISA supported initiatives. The Mission Engineering (ME) Information Security Branch (ISB) is responsible for providing Cybersecurity and Information Assurance support for CSD. ISB manages the Security Authorization process, performs management of policy and security requirements, compliance certification and vulnerability analysis to ensure authorized CSD systems meet FISMA requirements

Required Qualifications and Skills

• 10+ years of proven experience as a Security Engineer with supervisory/leadership abilities to oversee large teams responsible for planning, analyzing, implementing, and maintaining many different projects.
  
• This individual must have experience assessing security implementation of cloud and hybrid environments to include pipelines, applications and services; also ensuring an industry best practice implementation utilizing agile practices for scanning and end to end vulnerability remediation
  
• Assist in all information security planning, compliance and risk management, manage teams, ensure they have appropriate skill sets, and tie the teams and results together; identify vulnerabilities and understand and recommend countermeasures; analyze the network to determine if appropriate security is applied;
  
• Possess and apply knowledge NIST RMF
  
• Develop and implement test plans and ensure execution; and evaluates the costs and benefits of security functions and considerations from analysis of alternatives, engineering trade-offs and risk treatment decisions. The SME Cyber Vulnerability Assessment Analyst requires an active clearance up to TS/SCI security clearance.
  

Preferred Qualifications and Skills

Agency experience (ideally DHS/CISA)