Apply on Employer Site

Threat Tec, LLC · 1 day ago

Cybersecurity SME

Newport News, VA

Full-time

Onsite

Senior Level

6+ years exp

Threat Tec, LLC is seeking a Cybersecurity SME to support the Department of War's Transformation and Training Command at Fort Eustis, Virginia. The role involves maintaining operational security for DoW information systems, leading the implementation of advanced security technologies, and managing cybersecurity compliance and reporting.

EducationInformation Technology

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Work closely with T2COM G2 Cybersecurity and IT Services departments to establish and administer appropriate security systems, policies, standards, and procedures in compliance with applicable government directives and guidelines

Ensure network security and compliance on business operational network in accordance with Army and DoW polices and best practices

Review compliance with DoD 8140, NIST SP 800-53, C&A, POAMS and other audit and security requirements, when applicable, for customer supported infrastructure

Maintain inputs to eMASS as the centralized cybersecurity management platform for the full spectrum of cybersecurity management activities

Integrate the Risk Management Framework (RMF) process Ensures security policies, standards, and procedures are enforced

Develop POAMs (Plan of Action and Milestones) for essential tracking of corrective actions that help the government manage and mitigate risks effectively and maintain firewalls and other security and intrusion detection devices

Optimize IT infrastructure auditing and monitoring capability to analyze incident and event notifications

Generate required compliance reports to include RMF authorization packages and DoD Cybersecurity Scorecards that provide visibility of enterprise level cybersecurity posture. and verify COOP/DR capabilities for the business operational network theater wide

Update and maintain procedures for operation of secure IT assets

Establish knowledge sharing, standardized practices and process improvement and review effectiveness of security awareness and education programs for DoD government and contractor employees

Maintain awareness of changes to DoD cybersecurity and other applicable policies and update local policies as needed

Review system security audit logs on standalone and networked systems

Ensure systems are operated, maintained, and disposed of in accordance with DoD and local security policies and procedures

Support Information System Incident Response in accordance with the DoD and local Incident Response Plan

Support enterprise DevSecOps and SDLC standards for an enterprise application development platform

Qualification

CybersecurityRisk Management Framework (RMF)DoD 8140 certificationsCompTIA Security+Certified Information Systems Security Professional (CISSP)Certified Ethical Hacker (CEH)Certified Cloud Security Professional (CCSP)NIST SP 800-53Cloud SecurityIncident ResponseSecurity Awareness ProgramsCommunication SkillsTeam Leadership

Required

Six (6) years of experience in cybersecurity, with a proven track record in risk management, threat mitigation, and security strategy development

At least 2 years previous experience as an ISSO/ISSM or another organizational equivalent

Possess certified DoD 8140 certifications to specific roles within the DoD Cyber Workforce Framework (DCWF). Validated mapping of required skills, certifications, and qualifications and workforce categories/functions of Cybersecurity, Intelligence (Cyberspace) and IT (Cyberspace). CompTIA Security+ (for foundational cybersecurity knowledge); Certified Information Systems Security Professional (CISSP) (for advanced cybersecurity professionals); Certified Ethical Hacker (CEH) (for ethical hacking and penetration testing); and Certified Cloud Security Professional (CCSP) (for cloud security roles)

Proven oral and written communications skills including presentation development and delivery for clients

Ability to obtain and maintain an active Top Secret with SCI eligibility