The IT Cyber Security Specialist
shall work with customer personnel to support the mission, functional, and cyber security policies, architecture, and operational procedures of the HVA PMO. Responsibilities
- Apply mastery of IT systems security principles, concepts, and methods, including state-of-the-art and emerging techniques and products, to recommend appropriate technical strategies to resolve complex and persistent IT security challenges.
- Provide SME expertise as it related to understanding and enhancing penetration test plans and final reports.
- Review proposed new systems, networks, and software designs for potential security
- Prepare deliverables, including progress, status, and management reports in accordance with the contract data requirements/deliverables list.
- Complete annual company and customer-required training, as required.
- Complete timesheet daily in an online system according to company policies and procedures.
- Other duties as assigned
Knowledge, Skills and Abilities:
- High school diploma or GED required
- Bachelor's degree preferred
- 3+ years of cyber security experience is required
- Must have one of the following certifications:
- CompTIA Pen Test+ OSCP
- Must be a U.S. citizen or lawful permanent resident alien with 3+ years of U.S. residency from the legal entry date into the United States
- Must have the ability to obtain and maintain a favorable Department of Treasury background investigation, for life cycle of the project
- The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief
- Knowledge and experience using pen-testing tools, like Cobalt Strike, Bloodhound, Mimi Katz, and Nmap.
- Knowledge and experience with PowerShell and
- Must understand higher-level security requirements, like those resulting from STIGS, laws, regulations, or presidential directives.
- Possess demonstrable skills/understanding utilizing various pen test tools and scripting languages.
- Demonstrate an understanding of security weaknesses and be able to communicate how identifiedsecurity flaws or weaknesses translate into business risks and how to remediate these weaknesses.
- Knowledge of NIST 800-53, 800-30, 800-37, and other applicable Cyber OMB memorandums and DHS
- Knowledge of industry-standard government and commercial security evaluation
- Experience with cloud-based solutions and security
- Ability to analyze existing functional security requirements, security policies, architecture, and operational procedures for security flaws.
- Ability to apply defined security analysis methodologies to a variety of government networks or systems.
- Ability to assess the security posture of networks (Active Directory and Linux/UNIX) from multiple angles and know about various attack techniques against
- Ability to lead/perform security assessments of developmental or operational networks and systems.
- Must have the ability to take and pass a drug test (the department may require drug screening for probable cause at any time).
- Must have the ability to communicate with others effectively both orally and in writing.
- Ability to multi-task in a high-stress, performance-based environment.
- Ability to establish priorities and meet established deadlines.
- Ability to travel up to 10% as required.
#Chenega Analytic Business Solutions, LLC
Chenega Corporation and family of companies is an EOE.
Equal Opportunity Employer/Veterans/Disabled
Native preference under PL 93-638.
We participate in the E-Verify Employment Verification Program