Cyber Incident Management Specialist
- Posted: over a month ago
This is an Information Assurance Engineer position for supporting a DoD Inventory Management program located in Fort Belvior, Virginia.
We are seeking an Cyber Incident Management Specialist to join our team of committed technical professionals to protect those who serve against criminal, terrorism and emerging threats. Are you passionate about analytics and innovation? Our employees enjoy a fast-paced, collaborative culture and the ability to directly impact our business. DoD TS/SCI clearance is required to start.
You will work with a high-achieving team to design and deliver high-quality technical solutions. You will be responsible for maintaining functional and technical knowledge of mission systems for the organization, with a focus on leveraging technology to support business needs. You will identify technical issues and opportunities for efficiency and provide technical insights through system design and configuration perspectives. This role is both challenging and rewarding.
How you will make a difference:
- Responsibilities:· Coordinating with other DSMS program teams, planning and create cybersecurity architecture and design documents for all DSMS cybersecurity architecture ensuring it is compliant with DoD and other Federal IA policies and guidance.· Developing cybersecurity architecture and design plans for communication and collaboration products, operating system platforms including servers, devices, management products, applications and overall security related to implementing these products.· Integrating cybersecurity expertise into lifecycle management, planning architecture and design management, migration and deployment, and system testing and implementation.· Developing and providing a criticality analysis of logic-bearing system components (e.g., hardware, firmware, and software) implementing, protecting, or introducing vulnerability(s) to each function.· Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.· Evaluates, tests, recommends, coordinates, monitors and maintains cybersecurity policies, procedures and systems, including access management for hardware, firmware and software· Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
- · Provides guidance and leadership to less-experienced cybersecurity personnel.
- · Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for
- · Ensures that cybersecurity plans, controls, processes, standards, policies and procedures are aligned with cybersecurity standards
- · Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
- · Developing and updating mission criticality analysis(-es), vulnerability assessment(s), risk assessments(s), and identification and counter measurement implementation(s) for Mission- Critical Functions; ensuring updated assumptions, rationale and results related to the criticality analyses, vulnerability assessments, risk assessments, supply chain risk information, and risk mitigations are made available for Government review.
- · Researching, developing, testing and documenting architectures and solutions for implementing new cybersecurity technologies to provide more seamless information collaboration and cybersecurity capabilities for the program and its user base.
- · Providing security engineering support for accreditation of DSMS.
- · Employing best practices when implementing security controls within an IS including software engineering methodologies, system/security engineering principle, secure design, secure architecture and secure coding techniques.
- · Providing dedicated Host based security system administration and documentation support related to McAfee ePolicy Orchestrator (ePO), including knowledge of Host Intrusion Prevention System (HIPS), Data Loss Prevention (DLP), Rogue System Detection (RSD), Policy Auditor (PA), and Virus Scan Enterprise (VSE).
· BA/BS in Computer Science or related field and 5 years of Cyber related experience. (Additional education, certification, training or work experience can be substituted in lieu of degree)
· IASAE Level II Certification Required (CISSP, CASP-CE, CSSLP or CCSP)
- Experience in the development of RMF Assessment and Authorization (A&A) Security Plans (SP), System Level Continuous Monitoring (SLCM), Ports, Protocols and Services Management (PPSM), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning.
- Experience with Enterprise Mission Assurance Support Service (eMASS) tools.
- Experience preparing, processing, assessing, validating, and maintaining RMF A&A packages using eMASS and XACTA tools.
- Must have experience with using public key-based technologies for applications.
- Security+ certification or equivalent.
- TS clearance level at start.
Inventium.io LLC is a technical consulting and software development services company dedicated to protecting and advancing our national defense and scientific capabilities. Based out of the Washington DC area, we rely on innovation to continually advance our employees' skills and provide digital transformation solutions to our customers.
With proven records of successfully delivering quality services and solutions to multiple federal agencies, our technical competencies include Emerging Technology Solutions, DevSecOps, Cloud Migration, Machine Learning, System Modernization, and Technology Management.
Benefits and Perks
- Employer paid Health Benefits (Medical, Dental and Vision)
- Retirement Plan
- Paid Time Off and Federal Holidays
- Training and Development
- Awards and Recognition
- Employee Referral Program
Inventium.io is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
What email should the hiring manager reach you at?