Job Description :
Duties Include:
Develop and execute a standard continuous monitoring plan for the Department’s shared infrastructures and shared services
Review and provide recommendations for the Continuous Monitoring Plan
Identify security controls that are critical to the Department’s protection strategy
Provide security engineering support for the review of system requirements and proposed / actual architectures
Participate in the reviews to evaluate and provide recommendations from a security impact and cybersecurity risk perspective
Manage other Security Engineers through mentoring and sharing of information
Assess, recommend, and implement cybersecurity monitoring tools
POC for the government customer in identifying, defining and implementing cybersecurity strategies, policies and tactics, techniques and procedures
Methodically and proactively analyze problems and identify solutions as required to identify and mitigate risk to the customer and customer systems
Act within identified guidelines, standards, and policies
Ensure knowledge transfer with federal employees
Qualifications:
5-7 years of experience with at least 5 years in the information security field
BA/BS degree required
Must hold a security certification (CISSP, CASP, CISA, CEH)
Proficiency conducting Security Control Assessments (SCAs) in accordance with NIST
Demonstrated fluency with use of current technologies used for technical security control reviews
Experience with translating vulnerability scan results into findings aligned to NIST
Effectively present analytical data to a variety of technical and non-technical audiences
Experience researching, publishing and maintaining continuous monitoring metrics and data relevant to customer cybersecurity risk posture and RMF implementation
Demonstrated proven experience interacting daily with supervisors and/or functional peer groups, as well as directly with government customers