Cyber Defense Operations Security Specialist

Description
DSA is seeking a TS/SCI cleared Cyber Defense Operations Security Specialist to join our team in Charlottesville VA. The Cyber Defense Operations Security Specialist will play a critical role in the maintenance, modernization, and further development of continuous monitoring plans and actions for Army intelligence systems. This position will be ONSITE and eventually after 90 day will be reviewed for a Hybrid Schedule.

Required Qualifications

• Active TS/SCI Clearance
• DOD 8140 (8570) IAM or IAT Level II Certification
• At least five years of experience performing defensive cyber security operations.
• Experience maintaining security compliance on DOD systems utilizing STIGs
• Familiarity with DoD and Army Cybersecurity policies and instructions.
• Experience working with common security tools and DevSecOps methodologies (Nessus, Client Fortify, GuardDuty, Ncat, Prisma Cloud Compute, Clair, etc)
• Familiarity with ConMon and cATO technical cyber requirements and related methodology for successful ConMon and cATO execution.
• Familiarity with IAVM and common DOD configuration management practices.
• Experience with risk management and incident response.
• Familiarity with common risk management strategies and methods
• Strong working knowledge of operating systems, networks, and web applications
• Demonstrated ability to find innovative solutions and work independently.
• Strong verbal and written communication skills
• Experience with cloud based systems

Desired Qualifications

• BS degree in Engineering, Computer Science, or related field
  • Experience may be substituted for degree.
• Experience with Agile development practices
• Familiarity with Zero trust implementation/concepts
• Experience with scripting and task automation (Python, PowerShell, Perl, etc.)
• Experience assessing and architecting common security tools for enterprise environments.
• Familiarity with Enterprise Mission Assurance Support Service (eMASS)

Key Responsibilities

• Actively work to improve the security posture of the organization through the proper implementation and effectiveness of technical security controls.
• Work with the Cybersecurity Office and stakeholders to define and implement the overall Continuous Monitoring strategy and produce an automation plan to support cATO.
• Support the development of security automation for regular security checks occurring at an enterprise or program level.
• Assess current cyber security tools and develop automation plans for implementation as part of a continuous monitoring strategy.
• Work with Development teams to educate and inform decision making processes concerning security configuration of the system.
• Work with development and Operations teams to build security into their deployment pipelines.
• Perform automated and manual STIG checks for multiple technologies including operating system, Web app, database, and network STIGs.
• Work with eMASS when necessary for the update of BOE technical documentation and evidence, in support of ATO processes.
• Work with programs to help modernize security methodologies to utilize native cloud technologies and processes.

Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. DSA is proud to be an Equal Opportunity Employer. DSA is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. DSA requires background checks , where permitted , by law. DSA is an E-Verify Employer.