Seasoned technical consultant in all aspects of cybersecurity/information assurance (IA) including cybersecurity solutions development, certification process, and security/software lifecycle activities for the Integrated Personnel and Pay System - Army (IPPS-A). Manages major information security efforts of national significance. Works independently or in a team in support of a customer on site. Clear technical understanding of the risks and technical methods for mitigation of cybersecurity vulnerabilities.
Responsible for developing technical solutions that may require collaboration with internal expertise and deep analysis of the technical system.
Publishes reports and keeps metrics for client systems.
Conducts system assessments to ensure specified system controls are effective.
Analyzes and reviews security findings and data.
Identifies trends and root causes of system failures or vulnerabilities.
Works with limited oversight from manager.
Ensures that Information Systems Security policies, procedures, and practices are compliant with prescribed directives.
Serves as alternate ISSO.
EDUCATION & EXPERIENCE:
Required Education and Experience:
BA/BS and 5+ years of experience
CISSP Certification or Security+
Current Secret Clearance
Recent experience performing activities for Assessment & Authorization (A&A) under RMF utilizing the Enterprise Mission Assurance Support Service (eMASS)
Experience in supporting the design and development activities of enterprise systems
Desired work experience should include:
Knowledge of CNSSI 1253, NIST SP 800-53 R4, FIPS 199, and FIPS 200
Knowledge of or experience in assessments of security posture using automated tools such as: Nessus, SCAP, ACAS, Audit Vault, Splunk, and Fortify.
It is highly desirable that the candidate have:
Experience working with Oracle ERP
Experience in PMO support
Experience with PeopleSoft
Experience working on a program executing the Security/Software Development Lifecycle (SDLC)
Knowledge of Cross Domain Solutions
Knowledge and experience working with DoD's Risk Management Framework
Possess the following certifications: CSSLP, CAP, CASP, CISA, CEH, or GIAC Certifications
Normal demands associated with an office environment. Ability to work on a computer for long periods and communicate with individuals by telephone, email and face to face. Some travel may be required.