Location
Chantilly, Loudoun County, VA | United States
Job description
Responsibilities:
Lead multi-disciplined teams in the design and implementation of the cyber security system architecture.
Produce cyber security architectural artifacts. Provide architectural analysis of cyber security features and existing system related to future needs and trends.
Reviews and provides input to system requirements based on cyber security posture.
Compiles industry best practices and lessons learned into future iterations and new designs.
Supports the Engineering Review Board by evaluating artifacts for architectural compliance.
Provides broad based experience in the systems engineering lifecycle and apply the experience to specific cyber security initiatives relating to architectural design and development.
Resolves architecture implementation issues during integration and test.
Advise and assist team members to deploy and configure collection services and tools
Work with team members to move data to the appropriate data stores
Meet hands-on RMF responsibilities
Lead Vulnerability Management and ConMon tasks with Enterprise Security Services
Required Qualifications: CLEARANCE: TS/SCI Security Clearance
DoD.8570/8140 IAM III Certification (CISSP, CISM, CISA, etc.)
Minimum Required - COMPTIA Security+ or comparable IAT/IAM II/III certification
Requires BS degree and 8-12 years of prior relevant experience OR, Masters with 6-10 years of prior relevant experience; OR 4 years of additional experience in lieu of degree
Proactive self-starter demonstrating a positive, willing attitude and excellent oral and written communication skills.
Demonstrated ability to adapt to new technologies and learn quickly
Organizational Skills: Can plan and prioritize work. Follows tasks to their logical conclusion and makes sure that everything has been done to the right standard. Good attention to detail.
Communications: Ability to communicate clearly and efficiently to team members and clients, verbally and in writing. Able to present ideas in a variety of ways depending upon audience and context.
Security Assessment and Authorization (A&A) expertise
Familiar with Amazon Web Services (S3 Buckets, EC2, Reserved Instances, etc.)
Familiar with System Engineering documentation creation (VDDs, diagrams, etc.)
Familiar with team collaboration tools (Jira, Confluence, RocketChat)
Working knowledge with XACTA 360, Tenable Security Center, Nessus, Trelix ePO, ACAS, HBSS and Audit enterprise security services
Proficient in ACAS Vulnerability and STIG scanning, reporting, management and remediation
Viewed as an industry expert in the Risk Management Framework (RMF) steps one thru six with the ability to lead Assessment and Authorization (A&A) tasks to successfully achieve Authority to Operate (ATO)
Preferred Qualifications: Experience with cloud-based architectures
Experience with Engineering Review Boards and Change Management
Prior experience with ICD 503
Federal Information Security Management Act (FISMA)
Xacta
National Institute of Standards and Technology (NIST)
Job tags
Salary
