Cybersecurity SME

Location
Ft Belvoir, Virginia
Posted
Aug 04, 2022
Closes
Sep 07, 2022
Ref
22777
Function
Administrative
Hours
Full Time
Summary

The Cybersecurity SME provides expert guidance and technical leadership to the contractor cybersecurity personnel and is responsible for working with the government ISSM. The Cybersecurity SME coordinates the efforts of the contractor Information Assurance Officers/cybersecurity personnel and works closely with the AGC Information System Security Manager (ISSM) on Assessment and Authorization and Assess Only activities in accordance with DoDI 8510.01 and NETCOM Tactics, Techniques, and Procedures (TTP) for Risk Management Framework (RMF) processes.

Responsibilities
  • Manage accreditation and continuous monitoring activities, as well as the vulnerability management and incident response functions for all supported systems and networks.
  • Support operational cybersecurity activities, including vulnerability scanning, Information Assurance Vulnerability Management (IAVM) compliance, Security Technical Implementation Guide and Security Requirements Guide (STIG and SRG) application, assessment, and remediation, and Plan of Action and Milestones (POA&M).
  • Support cybersecurity governance, risk, and compliance by providing plans, policies, and procedures relevant to the Army Geospatial Center's (AGC's) systems, applications, and networks, including AGGC-R Cloud, C2IE, and the Overseas Humanitarian Assistance Shared Information System (OHASIS). The SME Information Security Analyst maintains AGC's Tenant Security Plans (TSP) for SIPR and NIPR, Authority to Operate (ATO) for the Joint Worldwide Intelligence Communications System (JWICS), and Interim Authority to Test (IATT), Approval to Connect (ATC), and any other documentation necessary to support AGC's network connections and mission systems.
  • Manage the Enterprise Mission Assurance Support Service (eMASS) records for AGC's mission systems and enclaves, create and track POA&M, track IAVM and STIG compliance, and manage eMASS artifacts necessary in coordination with the ISSM and the cybersecurity personnel to support evidence for applicable security controls.
  • Support Risk Management Framework (RMF) activities, including categorization of systems IAW NIST SP 800-60, selection of security controls IAW CNSSI 1253 and NIST SP 800-53, assessment of security controls IAW NIST SP 800-53A, development and implementation of Continuous Monitoring Plans IAW NIST SP 800-137, STIG Traceability Matrix, hardware/software/firmware list, and System Security Plan (SSP).
  • Participate in the configuration management (CM) process through representation on the Technical Review Board (TRB) and Configuration Control Board (CCB) and provide a security impact assessment for changes submitted through Requests for Change (RFCs).
  • Monitor AGC's systems, applications, and networks.
  • Configure vulnerability scanning, analyze results, and close or mitigate findings.
  • Organize the assessment of AGC GISO IT assets using applicable STIGs, SRGs, and/or vendor-supplied hardening guidelines.
  • Configure AGC GISO IT assets for vulnerability scanning and ensure 100% coverage using credentialed scans.
  • Coordinate with RNEC-NCR, C5ISR, and GISA as necessary to ensure vulnerability assessment tools are in place and working properly.
  • Analyze vulnerability scan results and resolve open findings. For findings that cannot be closed, create a POA&M and recommend mitigation(s) to lessen the impact of the vulnerability. IAW ARCYBER OPORD 2016-129, submit Operational Impact Statements (OIS) for Critical and High IAVAs.
  • Support response procedures for cybersecurity incidents, like breaches, spillage, and insider threat actions.
  • In coordination with the Information System Security Manager (ISSM) and Information Assurance (IA) Officers, maintain all cybersecurity documentation required for accreditation for AGC's GISO assets, including but not limited to architecture diagrams, boundary diagrams, data flow diagrams, ports, protocols, service exception requests, Public Key Infrastructure (PKI) certifications, IA metrics, and Privacy Impact Assessments (PIA) in the requisite cybersecurity document repository.
  • Identify, mitigate, and resolve cyber security incident issues and concerns.
  • Develop guidelines/plans, analyses, reviews, and mitigations in the areas of security incident response and mitigation strategies, vulnerability scanning, writing security assessments, and other cybersecurity-related activities and mandates.
  • Provide technical support, including documentation, to enable AGC systems to meet the requirements of receiving an Authority to Operate (ATO) accreditation decision via the Department of Defense (DoD) Risk Management Framework (RMF).
  • Provide input to the weekly and monthly status reports covering technical activities for this functional area, including priorities, tasks, accreditation due dates and schedules, POA&M status, metrics, continuous monitoring tasks, etc.
  • Other duties as assigned

Qualifications
  • BA/BS degree required
  • Master's degree in management or a technology field preferred
  • 10+ years of DoD experience
  • DoD 8570 IAM II required
  • IASE III certifications preferred
  • TS/SCI clearance required
  • The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief

Knowledge, Skills and Abilities
  • Must have advanced working knowledge of a variety of computer software applications for word processing, spreadsheets, and databases (MS Word, Excel, Access, PowerPoint), and Outlook
  • Must be proficient with related automated tools including but not limited to the Enterprise Mission Assurance Support Service (eMASS), Host-Based Security System (HBSS), and Assured Compliance Assessment Solution (ACAS)
  • Trained and proficient with DoD vulnerability scanning tools, including Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol Compliance Checker (SCC), Security Technical Implementation Guide (STIG) Viewer, Endpoint Security Solution (ESS), and Amazon Web Services (AWS) GovCloud security tools, including AWS Security Hub, Amazon Inspector, AWS Config, Amazon GuardDuty, Amazon Detective, and Amazon Macie
  • Shall possess expert knowledge and in-depth experience with:
      • Application and system assessment, determination of accreditation requirements (Assess Only, ATO, IATT, etc.)
      • Categorization of information systems and/or data types IAW NIST SP 800-60 Vol II
      • Establishment of Security Requirements Traceability Matrix which identifies applicable DISA STIGs and SRGs
      • Selection of security controls per NIST SP 800-53 and CNSSI 1253
      • Writing System Security Plan (SSP), associated security controls assessment artifacts, and POA&Ms
      • Application of Defense Information Systems Agency (DISA) STIGs and SRGs
      • Management of security controls assessment artifacts in eMASS in preparation of packages for RMF (DoDI 8510.01, NIST SP 800-37) processes
      • Evaluation of security controls per NIST SP 800-53A
      • Implementation of continuous monitoring solutions per NIST SP 800-137

Chenega IT Enterprise Services, LLC

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program
