IT Subject Matter Expert (cyber/SCRM)
Washington, D.C., USA
Full Time | Clearance required | USD 52K - 123K *
Barrow Wise Consulting
Barrow Wise is a leading provider of innovative solutions for complex challenges in data analytics, cybersecurity, digital transformation, emerging technologies, and system engineering. Barrow Wise helps its clients harness the power of data,... Do you enjoy problem-solving, need a venue to display your creativity, and find that emerging technologies pique your interest? If so, Barrow Wise Consulting, LLC is for you. As a multi-disciplined leader, you understand the gifts that set you apart from everyone else. Demonstrate innovative solutions to our clients. Join Barrow Wise Consulting, LLC today.
Responsibilities:
The IT Subject Matter Expert will support Barrow Wise's Federal Agency project and perform the following duties:
- Support the Cybersecurity Supply Chain Risk Management Community of Interest with thought leadership, documents, facilitation, best practices
- Collaborate with multiple agencies
- Recommend tools and processes to comply with the NIST Cybersecurity Framework
- Recommend acquisition language to minimize agency risk
- Develop risk management assessment tool
- Provide new federal security guidance policies, processes, and subject matter expertise to develop new cybersecurity standards for contractors
- Review the results of periodic testing and evaluation of the effectiveness of information security policies/procedures/practices and corrective actions of all non-compliant security controls
- Conduct Security Authorization (SA) package reviews as requested by the assigned agency to ensure compliance with all federal and agency requirements
- Provide security expertise and guidance to ensure the consistent application of Security Authorization (SA) processes across contractor organizations
- Provide cybersecurity and supply chain risk management best practices
- Analyze relevant IT Infrastructure security issues and threats
- Develop internal and external vulnerability testing and scanning processes
- Identify opportunities for innovation by going beyond current cybersecurity processes, policies, procedures, and tools
- Create and document scenarios and use cases
- Develop processes and recommendations for contractors to handle any imminent threat or current violation of an organization's security policies or standard security practices. These security incidents could include malware, ransomware, phishing, Advanced Persistent Threats, Distributed Denial of Service (DDoS) attacks, and more.
- Identify, assess, and test security information and event management (SIEM) tools and services; create automation with the SIEM and translate the real-time analysis produced from alerts into incident response plans
- Conduct a thorough review of the organization's adherence to regulatory guidelines, such as HIPAA, FISMA, SOX, PCI DSS, GDPR, ISO 27001 and 20000, and COBIT
- Display knowledge of security audits and compliance and convert knowledge into actionable plans
An Ideal Candidate has:
- US Citizenship (Secret, TS/SCI Clearance)
- Education: Bachelor's degree or higher in a technical field (e.g., Computer Science, Information Technology, Supply Chain Risk Management) and CISSP, CISA, CRISC, and/or CEH
- Minimum of eight years of cybersecurity and supply chain risk management subject matter expertise supporting the federal government
- Minimum of eight years of collaborating with senior leaders and presenting to senior officials, viewed as a leader in Cybersecurity Supply Chain Risk Management
Barrow Wise Consulting, LLC offers an ethical, challenging, diverse, and rewarding experience. Join us and become part of an enthusiastic, responsible team that delivers innovative solutions to our clients. We provide competitive compensation packages, attractive benefits, and great careers. Barrow Wise is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBT.
Our employees stand behind Barrow Wise's core values of integrity, quality, innovation, and diversity. We are confident that Barrow Wise's core values, business model, and team focus create positive career paths for our employees. Barrow Wise will continue to lead the industry in delivering new solutions to clients and persevere until the client is overjoyed.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation CEH CISA CISSP Clearance COBIT Compliance Computer Science CRISC DDoS FISMA GDPR HIPAA Incident response ISO 27001 IT infrastructure Malware NIST PCI DSS Risk management SIEM SOX TS/SCI
Perks/benefits: Competitive pay