Cybersecurity Specialist

Overview

The Cybersecurity Specialist is responsible for designing, implementing, and maintaining the security controls and protocols for the C2P Mod project. This position will directly impact the C2P Mod project by providing security guidance and expertise to development/system engineering/DevOps teams, conducting vulnerability assessments, keeping up with the latest STIGs from DISA, and collaborating with government stakeholders to ensure compliance with security policies and regulations. This position will directly impact the security and RMF compliance of the C2PMod project by ensuring the confidentiality, integrity, and availability of project assets.

Responsibilities

CORE FUNCTIONS/JOB DUITES

Able to perform the following independently, under minimum supervision:

• Assess existing IT architecture for compliance with security requirements from applicable security frameworks (such as FISMA, ISO 27001, NIST SP 800-53 etc.).
• Create documentation to support information system authorization/accreditation packages.
• Provide continuous monitoring support for information systems.
• Develop IT architecture deliverables, specific to information security countermeasure implementations, for operational systems and systems under development.
• Develop IT security policies, standards, and guidance.
• Develop and implement cyber-T&E strategy.
• Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established information assurance (IA) standards and regulations, and recommend mitigation strategies.
• Validate and verify system security requirements definitions and analyze and establish system security designs.
• Apply leading-edge principles, theories, and concepts to the development, maintenance, and implementation of information security standards, procedures, and guidelines.
• Perform security research, analysis, and design for all client computing systems and the network infrastructure.
• Plan and oversee configuration changes for major security infrastructure platforms.
• Develop, implement, and document formal security programs and policies throughout the program and monitors compliance to these policies and programs.
• Lead the technical aspects of internal security audits and investigations.
• Manage and maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues.
• Create, review, and adjudicate comments for White Papers, Interface Control Document (ICD), System Requirement Document (SRD), Software Design Descriptions (SDDs), Software Test Plans (STPs), Software Test Descriptions (STDs), Software Test Reports (STRs), power point packages containing proposed design info, and various proposed test cases.
• Perform vulnerability assessments and Certification and Accreditation (C&A) activities (e.g., DoD, RMF).
• Implement security controls in networking devices databases, operating systems, hardware, and software components.
• Administer and manage IA Vulnerability Alerts (IAVA), and security Plan of Action and Milestones (POA&M) mitigations through timely assessment of IAVA notices and POA&M corrective actions.

Qualifications

BASIC SKILLS

Minimum of three (3) years of experience and possess a deep understanding of:

• Network security, cryptography, and risk management principles
• Security tools, technologies, and protocols
• Programming languages such as Python or Java
• Cloud security concepts (e.g., AWS, Azure)
• Research, analysis, installation, and test software updates and security patches

CUSTOMER FOCUS

• Proactively identify customer needs and adjusts approach to deliver better service.
• Work independently to solve problems, anticipating potential issues.

INITIATIVE 

Take proactive steps in solving problems, suggest improvements, and seek new opportunities without needing constant oversight.

COMMUNICATION 

• Communicate confidently and effectively, tailoring messages for different audiences.
• Resolve issues through clear communication and builds rapport with others.

PHYSICAL REQUIREMENTS

• May be expected to lift up to 25 lbs
• Frequent use of keyboard and typing
• Frequent sitting and standing

WORK SCHEDULE

• 9/80
• Must have ability to work within company and customer schedule requirements which may vary depending on criticality and necessity of a given task.

EDUCATION

BS in a STEM related Degree, Preferred

CERTIFICATIONS

• Operating System (OS) Certificate Required
• CompTIA Security+ Required
• DoD 8140 Compliance Required
• CISSP or CASSP or CISA Required

PAY RANGE

$115,000.00 to $140,000.00 annually, DOE

U.S. Citizenship is required

Security Clearance:

Candidates must have an active Top Secret/SCI clearance OR the ability to obtain a US Government Top Secret/SCI security clearance, and will be subject to a US security background investigation (i.e. favorable background investigation / credit score). Additional eligibility requirements for access to various levels of classified information may also be required. An active security clearance is highly desirable.

Tactical Engineering & Analysis, Inc. is an Equal Employment Opportunity/Minority/Female/Disability/Protected Veteran Employer