Cybersecurity Specialist 3

As part of a multidisciplinary team, you will be responsible for coordinating and implementing technical controls and configuration settings and will work in a team environment alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts responsible for supporting Information System Security Engineering efforts.

• Working closely and supporting team members, vendors, and government customers
• Implementing DoD Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems
• Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process
• Conducting ICS/SCADA system inventories following DoD guidance
• Conducting vulnerability scanning and document system vulnerabilities
• Supporting ISO standardization and Quality inspections
• Participating in continuous improvement of organizational cybersecurity posture

Education:

• 3+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity
• 5+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity
• 8+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity
• 11+ Years with a High School Diploma/ GED

Required Progressive Experience:

• Working with industry and government agencies on the design of platforms and integrated systems Working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.)
• Proficiency with ACAS and HBSS and mitigation strategies
• Developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
• Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS
• Establishing, managing, and tracking of Plan of Action & Milestones (POA&M) Applying STIGs to servers, databases, applications, and other hardware Security Readiness Review (SRR) Tools (scripts and ACAS)
• Ability to identify, maintain, and troubleshoot control network components
• Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation
• Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility
• Working knowledge of operational control systems and implementing a variety of security assessment tools
• Working knowledge of other operational control systems
• Familiarity with DoDIN CCRI/CCORI and CYBERCOM TASKORDS
• Familiarity with various industry products

Also:

• Strong Oral, Written and Presentation Skills with the ability and experience communicating directly with Customers
• Demonstrated background working with multidisciplinary teams
• Demonstrated time management and organization skills to meet deadlines and quality objectives
• Strong MS Excel, Word, PowerPoint, AUTOCAD, Cameo and Visio Skills is a plus.

Abilities:

• Exposure to computer screens for an extended period of time.
• Sitting for extended periods of time.
• Reach by extending hands or arms in any direction.
• Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard.
• Listen to and understand information and ideas presented through spoken words and sentences.
• Communicate information and ideas in speaking so others will understand.
• Read and understand information and ideas presented in writing.
• Apply general rules to specific problems to produce answers that make sense.
• Identify and understand the speech of another person.

Education:

• 3+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity
• 5+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity
• 8+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity
• 11+ Years with a High School Diploma/ GED

Required Progressive Experience:

• Working with industry and government agencies on the design of platforms and integrated systems Working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.)
• Proficiency with ACAS and HBSS and mitigation strategies
• Developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
• Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS
• Establishing, managing, and tracking of Plan of Action & Milestones (POA&M) Applying STIGs to servers, databases, applications, and other hardware Security Readiness Review (SRR) Tools (scripts and ACAS)
• Ability to identify, maintain, and troubleshoot control network components
• Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation
• Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility
• Working knowledge of operational control systems and implementing a variety of security assessment tools
• Working knowledge of other operational control systems
• Familiarity with DoDIN CCRI/CCORI and CYBERCOM TASKORDS
• Familiarity with various industry products

Also:

• Strong Oral, Written and Presentation Skills with the ability and experience communicating directly with Customers
• Demonstrated background working with multidisciplinary teams
• Demonstrated time management and organization skills to meet deadlines and quality objectives
• Strong MS Excel, Word, PowerPoint, AUTOCAD, Cameo and Visio Skills is a plus.

Abilities:

• Exposure to computer screens for an extended period of time.
• Sitting for extended periods of time.
• Reach by extending hands or arms in any direction.
• Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard.
• Listen to and understand information and ideas presented through spoken words and sentences.
• Communicate information and ideas in speaking so others will understand.
• Read and understand information and ideas presented in writing.
• Apply general rules to specific problems to produce answers that make sense.
• Identify and understand the speech of another person.

• Working closely and supporting team members, vendors, and government customers
• Implementing DoD Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems
• Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process
• Conducting ICS/SCADA system inventories following DoD guidance
• Conducting vulnerability scanning and document system vulnerabilities
• Supporting ISO standardization and Quality inspections
• Participating in continuous improvement of organizational cybersecurity posture