Responsibilities/Duties
Provide direction and guidance to a team of junior to senior level cyber security experts responsible for the cybersecurity operations of complex networked and standalone IT systems
Keep informed of currently approved standards, codes, and procedures applied to cybersecurity specialty
Oversee multiple system packages throughout the Authorization to Operate (ATO) process
Maintain overall schedule and track all ATOs in development and in Continuous Monitoring (CONMON) stage
Provide technical expertise and mentoring to other members of the cybersecurity team to accomplish assigned tasks
Interface with senior government and JT4 leadership to keep them up-to date on the progress and status of ATOs and security posture of IT systems
Be primary interface between the Authorizing Official (AO) and the Security Control Assessor (SCA) for coordination of ATO packages
Conduct research and reference reading in obtaining technical information
Perform systems engineering activities in the areas of Cybersecurity / Information Assurance (IA) / System Security Engineering (SSE) and security assessment and authorization (A&A) in accordance with NIST SP 800-53 RMF
Apply risk management concepts to mitigate vulnerabilities in system security architectures
Interface with the Information System Security Manager (ISSM), program managers, system stakeholders, and external contractors to coordinate cybersecurity requirements and architecture flow down from the system level to individual elements of the system
Assist in preparation of reports, correspondence, or technical studies
Provide Subject Matter Expert (SME) input into the Engineering Review Board (ERB)
As an Information System Security Manager (ISSM) sit on the Configuration Control Board (CCB) as a veto authority to recommend changes into system authorization boundaries
Assist in the development of Statements of Work (SOW) for issuance to possible vendors under the JTECH-II contract
Provide guidance and direction to sub-contracts and preferred vendors on cybersecurity requirements related to scopes and contracts
Assist the government customer with establishing cybersecurity procedures and policies that support and secure operations across multiple disciplines
Provide SME input to all projects or assign an appropriate representative to the task
Oversee a team of various disciplines, including Information System Security Officer (ISSO), ISSM, system admins, network admins, network engineers, and IT systems engineers.
Provide professional career guidance and mentorship to ensure employees and team members flourish
Provide oversight and management of differing circuit requests
Experience/Education:
A masters degree in Computer / Information Technology, or equivalent academic/technical training/certification;
10+ years of experience in computer systems security with 5 years of management experience, and/or related area of expertise
Cybersecurity Service Provider certifications within DoD 8570.01-M within the designated timeframe upon hire date; and a minimum of the following certifications: CISM, CISSP, GSLC, or CCISO are required for this position
Additional desired certifications: CEH (Master) or CERP and Project Management Professional (PMP)
Subject matter expert-level experience supporting various system configurations such as standalone, local area networks (LANs), and wide area networks (WANs)
Demonstrated experience with Risk Management Framework (RMF) process, eMASS, ACAS, SCAP, STIG, Cyber Risk Assessments (CRA), Cyber Table top (CTT) or related process
Robust conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services
Demonstrated experience formulating and/or interpreting cyber threat analysis of adversary techniques, tactics, and procedures used to disrupt computer networks
Demonstrated experience with planning, designing, executing, and assessing discussion-based exercises
Demonstrated ability to plan, organize, and work under strict deadlines
Additional Experience Desired
Experience with SAP and JSIG requirements
Experience with all steps of the RMF process
experience with eMASS and XACTA
Must be able to speak publicly and provide briefings to high-level government customers as requested
Experience in the generation of all required documentation for an RMF package. To include SSPs, DRPs, IRPs, and other required Body of Evidence requirements
Experience in managing large inventories of materials such as workstations and servers
by Jobble
#J-18808-Ljbffr
