Responsibilities:

Applies extensive knowledge of a variety of the Cybersecurity field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems. Applies extensive experience with the implementation of the NIST SP 800 family of publications, particularly those associated with NIST’s Risk Management Framework and FedRAMP. Coordinating with system owners, IT staff, and developers to ensure all associated artifacts are accounted for as it applies to the Information System being accredited. Reporting, responding, and documenting the IS into the system of record at the customers site for each system to obtain ATO for the project. Ensuring system scans are properly imported into the system or record to meet Continuous Monitoring requirements as part of the RMF life cycle. Working with the ISSM/ISSE/SCA’s and coordinating with program PM through the RMF/A&A process. Applies extensive specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements. Applies extensive experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines. Works independently to solve problems quickly and completely. Possess ability to assess and weigh current and evolving security threats in an operational environment. Outstanding problem solving and analytical skills, including ability to create clear observations, analysis and conclusions based on customer interviews and data. Team player who can collaborate with multiple stakeholders to arrive at the best solution.

 

Nice to have:

Applies extensive knowledge and experience with all of the following criteria: Vulnerability scanning execution, assessment, and analysis Operating system (Linux/Windows) and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN]) Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies Application security, database security, and network security Relies on extensive experience and judgment to plan and accomplish goals. Possess experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems.