Cyber Security Lead
Contract 6-9 months, Possible Conversion
M-F 40 hours weekly
Current TS/SCI or SCI eligibility and a CISSP (or other IAT III cert).
Major Duties & Responsibilities:
- Coordinate, maintain, change, and keep updated the Risk Management Framework (RMF) Assessment and Authorization (A&A) packages for the five enclaves administered by OSI.
- Perform the Information Assurance Vulnerability Management (IAVM) process by ensuring systems and networks maintain compliance with vulnerabilities.
- Track and analyze Plan of Action & Milestones (POA&M) reports to conduct risk assessments.
- Monitor policy for the IT Enterprise Cyber Surety Division relating to the compliance, validation and assessment of the four networks (NIPRNET, SIPRNET, SAPnet and JWICS) and Major Information Technology Systems (MITS).
- Maintain and update HQ's OSI database for assessing/managing risk, and authorizations for all AFOSI data networks.
- Implement cyber security controls and assist OSI customers with the implementation of cyber security controls where the cyber security controls fall outside of the contractor’s area of responsibility.
- Continuously monitor for control compliance and take immediate actions to bring systems into compliance.
- Implement and maintain the OSI DMZ and boundary control devices including routers, firewalls, and sensors.
- Conduct Computer Network Defense (CND) actions, and Computer Network Exploitation (CNE) enabling activities.
- Defend against unauthorized activity within computer networks including monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities.
- Utilize computer networks to gather data from internal target or adversary information systems or networks in support of operations and intelligence collection capabilities.
- Determine the attribution and actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein to develop incident response plans using forensically sound methods and procedures.
- Ensure that all application deliverables comply with the DISA Application Security & Development and Database STIG, which includes the need for source code scanning and a Web Penetration Test to mitigate vulnerabilities (including, as examples, SQL injections, cross-site scripting, and buffer overflows).
- Ensure successful implementation and tracking of all Network Tasking Orders (NTO), Maintenance Tasking Orders (MTO), Time Compliance Network Orders (TCNO), NOTAM, Time Compliance Technical Order (TCTO), and Data Call Orders (DCO) for the systems included in the five AFOSI enclaves identified within this PWS.
- Review current CCRI requirements and ensure systems and their operations are compliant.
- Perform self-inspections every nine months and routinely as needed.
Qualifications:
- 10+ years’ experience in cyber security.
- Bachelor’s degree in a related field desired.
- Must be IAT Level III (CISSP, CASP+ CE, CISA, GCED, GCIH, or CCNP Security) certified.
- Extensive experience with Risk Management Framework (RMF), STIGs, and cyber security controls.
- Basic Linux experience to include Red Hat.
- Networking experience including routers, switches, and firewalls.
- Experience with Cisco and Juniper.
- Experience performing vulnerability and risk assessment using DISA's Assured Compliance Assessment Solution (ACAS) suite or Nessus Security Scanner.
- Experience with ArcSight/Splunk or another Security Information Event Manager (SIEM).
- Experience with DoD Host Based Security System (HBSS) administration.
- Experience working with Enterprise Mission Assurance Support Service (eMASS).
- Knowledge of one or more of the following Cybersecurity systems: Microsoft Endpoint Configuration Manager (MECM, formerly SCCM) and/or Code scanning software (preferably Fortify).
- Experience with development/architecture for apps and services, and testing and administration.
- Strong knowledge of Microsoft Windows technologies, including Active Directory, Windows Administration, scripting, and Windows configuration techniques.
- Strong desktop application administration experience to include Microsoft Office, web browsers, and anti-virus applications.
- Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality.
- Excellent communication skills, both oral and written.
- Analytical skills to troubleshoot IA issues.
- Must be able to apply intensive and diverse knowledge to problems and make independent decisions.
- Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team.
- Must be a US citizen and hold a current Top Secret clearance with SCI access or eligibility (TS/SCI).
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.
Job Status: Contract/Temporary