Must have active clearance and have the ability to obtain an EOD suitability clearance process
Responsibilities: The qualified candidate will perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established information assurance (IA) standards and regulations, and recommend mitigation strategies to the O&M Project Manager. Will validate and verify system security requirements definitions and analyze and establish system security designs. Provide expert level consultation and technical services on all aspects of Information Security. Apply leading-edge principles, theories, and concepts to the development, maintenance, and implementation of information security standards, procedures, and guidelines. Is responsible for providing high level technical leadership focused on complex information security architecture. Perform security research, analysis, and design for all client computing systems and the network infrastructure. Facilitate and manage security vulnerability assessments and penetration tests. Plans and oversees configuration changes for major security infrastructure platforms. Develops, implements, and documents formal security programs and policies throughout the program and monitors compliance to these policies and programs. Represents the program's technical security interests with partners, suppliers, industry associations, and government entities to ensure the bi-directional flow of technical information and best practices is adhered to in the Information Assurance spectrum.
The Cybersecurity Engineer:
- Initiates actions to conduct cybersecurity engineering research and analysis and provides recommendations for the implementation of security mechanisms
- Initiates actions to apply advanced concepts of cyber engineering and cybersecurity to development and architecture projects
- Leads effort to develop cybersecurity documentation, concept papers, and test plans required by Command policies, and the Risk Management Framework
- Maintains extensive knowledge and understanding of DHS engineering efforts, across multiple engineering disciplines
- Analyzes complex information independently and takes appropriate actions, and reviews and implements recommendations from others
- Possesses a thorough understanding and ability to apply intermediate concepts of cyber engineering and cybersecurity
- Maintains thorough knowledge and understanding of the DHS cybersecurity policies and the Risk Management Framework
- Develops and delivers articulate and effective briefings/presentations on complex cybersecurity engineering topics as applicable to assigned projects to any size audience that may include high level decision makers
- Prioritizes competing requirements and tasks, and manages long-term and short-term obligations
- Leads effort to develop all cybersecurity documentation, concept papers, and test plans required by Command policies, and the Risk Management Framework
- Initiates actions to evaluate functional operation and performance in light of test results and makes recommendations regarding C&A
- Effectively provides engineering guidance to cybersecurity engineers Level I and II
Minimum Qualifications: Bachelor's degree in Computer Science, Cybersecurity, Computer Engineering, or a related discipline and at least 15 years of experience. Working Knowledge of IT Security Assessment and Network Vulnerability Tools. Experience with large scale operations and enterprise IT contracts and customers.
Desired Qualifications: Security Certifications (Security+, CISSP, Network+, CEH)
EDUCATION & EXPERIENCE:
Typically requires a bachelor's degree or equivalent and 15 years related experience.
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.