Businss Process Engineer/Analyst level 3 and 4

Employer
AboutWeb
Location
Arlington, VA
Posted
Jun 12, 2017
Closes
Jul 04, 2017
Function
Analyst, Engineer
Industry
Engineering
Hours
Full Time
Business Process Engineer/Analyst
Must have an Active Top Secret Clearance
Location: Arlington, VA
Required experience: Enterprise Architecture, DoDAF, Database Management, Process and Requirements improvement experience.
Provide resource, business and investment decision analysis support to executives and project maanger; support decisions involving system acquistions investment, cost, technical performance, and schedule tradeoffs; and write reports, technical documents and briefings.
Duties and work output cover a range of analysis specialties such as: develops, refines, and applies analytical tools, methods and techniques to support resource analysis, life-cycle cost estimation; cost-effectiveness analysis of alternatives; acquisition planning; program risk assessment; investment strategy/portfolio optimiztion; business process/model development; Earned Value Management and project management.
Level 3
Effectively communicates technical information to non-technical audiences, influences others to comply with policies and conform to standards and best practices.
Provides significant input into the design of the organization's working information security systems operations and maintenance strategy and methodology to comply with the organization's cyber security standards and mission.
Attends and participates in professional conferences to stay abreast of new trends and innovations in the field of information systems and or cyber security.
With minimal supervision, manages, plans, evaluates and advocates for information security compliance systems, plans and functions. Provide significant input to the management of complex projects, programs, initiatives (e.g. department or agency-wide) with on-going systems monitoring.
Minimum requirements:
Bachelor Degree, 5-9 years experience
OR
Degree from a designated CAEIAE and 5-9 years of experience related to information technology, cyber security, control evaluation and implementation on information technology systems and programs or transferable skills related to information security, incident and risk management.
Demonstrated experience in leading an Information Security/IS Compliance Group.
Possession and demonstrated application of relevant certifications:
Core: MCSE, CCNA, CCNP, ISC, CAP Related: CISSP, CISM, ISSMP, CompTIA, SANs GIAC, PMP
Competencies:
-Advanced application of relevant competency/skills models. Secure operation systems, workstations, data management, web technology, protocols, secure wireless networking and mobile computing, attack sensing and warning, intrusion detection and event investigation and response, host and network security auditing, computer and network forensics, cyber situation awareness, penetration testing and exploit analysis, insider threat analysis and protection, cryptography theory and protocols, cryptography hardware, software and applications, security and privacy policy, boundary protection and enclaving, biometrics, authentication and access management technologies, enterprise security engineering and secure system management, embedded systems security engineering, security certification and accreditation, security risk modeling, metrics and management, security architectures, code analysis.
Trusted Product assessment, COT integration, high-assurance hardware and software, distributed/delegated end-user administration, granular access control implementation, computer network defense, information assurance.

Level 4
Effectively communicates technical information to non-technical audiences. Influences others to comply with policies and conform to standards and best practices.
Designs and organizes working information security systems operations and maintenance strategy and methodology to comply with the organization's cyber security standards and mission.
Attends and participates in professional conferences to stay abreast of new trends and innovations in the field of information systems and or cyber security.
Independently manages, plans, evaluates, and advocates for information security compliance systems, plans and functions. Is responsible for the management of complex projects, programs and initiatives with high threat and large scope with on going systems monitoring.
Minimum requirements:
Bachelor Degree and 9-15 years of experience related to information technology, cyber security, security control evaluation, and implementation on information technology. systems, and programs or transferable skills related to information security, incident and risk management.
or Degrees from a designated CAEIAE and 9-15 years of experience
Demonstrated experience leading an Information Security/IA compliance group.
Possession and demonstrated application of relevant certifications: Core : MCSE, CCNA, CCNP, ISC, CAP
Relevant Skills for 3 and 4 Level:
-Network Architectures, protocols, and standards (e.g. TCP/IP, IPSEC, ATM, SNMP)
-SW Programming (e.g. C, Java, Perl, XML)
-Systems Engineering
-x86 assembly
-SharePoint Moss
-function calling conventions
-IDA Pro, IDA Pro plugins
-Executable packing, malware analysis
-Anti-virus and intrusion detection
-Signaturing
-Binary files formats, runtime debugging
-Windows and/or Linux environment
-FISMA guidance
-NIST SP800-16 Revision 1
-ODNI Cyber Subdirectory competencies
-CNSS policies, directives, and reports
-C/C++
-Additional competencies for senior management position: Leadership and People Management, Written and Oral Communication, Creative Problem Solving
Competencies:
-Secure operation systems, workstations, data management, web technology, protocols, secure wireless networking and mobile computing, attack sensing and warning, intrusion detection and event investigation and response, host and network security auditing, computer and network forensics, cyber situation awareness, penetration testing and exploit analysis, insider threat analysis and protection, cryptography theory and protocols, cryptography hardware, software and applications, security and privacy policy, boundary protection and enclaving, biometrics, authentication and access management technologies, enterprise security engineering and secure system management, embedded systems security engineering, security certification and accreditation, security risk modeling, metrics and management, security architectures, code analysis