Cyber Security Management Specialist (Secret clearance) - ONSITE

Cyber Security Management Specialist
Aberdeen Proving Ground, MD - onsite
Secret clearance is required
Must be IAM Level III certified: CISSP, CISM, GSLC, and/or CCISO

Major Duties & Responsibilities:
• Build, coordinate, maintain, change, and keep updated, the Risk Management Framework (RMF) Assessment and Authorization (A&A) packages.
• Develop and complete System Security Documents in accordance with the DoD Information Assurance Certification and Accreditation (DIACAP) Process.
• Draft, develop, and monitor cyber security policy for ATEC.
• Maintain and update database for assessing/managing risk, and authorizations for all data networks, and maintain and monitor progress of assigned IT personnel's progress in maintaining compliance with the Federal Information Security Management Act, Intelligence Community, and DoD compliance requirements.
• Implement IA controls and assist customers with the implementation on IA controls where the controls fall outside of the contractor’s area of responsibility.
• Continuously monitor for control compliance and take immediate actions to bring systems into compliance.
• Defend against unauthorized activity within computer networks including monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities.
• Determine the attribution and actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein to develop incident response plans using forensically sound methods and procedures.
• Ensure that all application deliverables comply with the DISA Application Security & Development and Database STIG, which includes the need for source code scanning and a Web Penetration Test to mitigate vulnerabilities.
• Review current CCRI requirements and ensure systems and operations are compliant.

Qualifications:
• 7+ years experience in cyber security and information assurance.
• Bachelor’s degree in a related field. Must hold one of the following certifications in compliance with DoD 8570 IAM Level II: CISSP, CISM, GSLC, and/or CCISO
• Experience in information security or network/system administration, including IT auditing, IT compliance, and enterprise risk management.
• Experience performing cybersecurity assessments and inspections, providing incident response, creating/updating/implementing cybersecurity-relevant policies and procedures.
• Knowledge of DOD regulatory compliance and information security management frameworks, including NIST SP 800-37, NIST SP 800-53, and DoD RMF.
• Experience in developing and interpreting cybersecurity plans, policies, and procedures (in areas to include but not limited to configuration management, contingency/disaster preparation, incident response, account management, access control, media control, etc.). Experience providing incident response, reviewing security assessments and inspections and conducting risk management activities at the system level.
• Experience as a Subject Matter Expert in developing and interpreting cybersecurity plans, policies, and procedures (in areas to include but not limited to configuration management, contingency/disaster preparation, incident response, account management, access control, media control, etc.).
• Experience providing incident response, performing security assessments and inspections and conducting risk management activities at the enclave level.