Be an early applicantLess than 25 applicants

Company

Original Job Post

Boeing · 2 days ago

Cybersecurity SME

Herndon, VA

Full-time

Onsite

Senior Level

$148K/yr - $200K/yr

3+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

AerospaceIndustrial

Actively Hiring

Insider Connection @Boeing

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Lead the design, installation, operation, security, and maintenance of dedicated Program Information Technology Infrastructure.

Provide remote support to users at military locations and teammates across multiple time zones.

Apply cybersecurity and Information Assurance (IA) background to be a technical leader and support Boeing customers throughout multiple classified computing domains.

Ensure all Information System Security policies, standards, and directives are enforced to support assessment, authorization, and continued operation of information systems processing classified information.

Apply an interdisciplinary, collaborative approach to lead activities to strategize, plan, design, develop, and verify highly complex security solutions to meet enterprise needs.

Provide strategic guidance and consultation on enterprise implementation and use of Risk Management Framework (RMF), security compliance and monitoring, delivery of technical reports and briefings, root cause analysis and resolution, and information security policy, standards, guidelines, and procedure development and implementation.

Oversee, develop, design, and conduct research that results in new requirements management methodologies or results in unique approaches that mitigate assessment and review findings.

Provide mentoring and technical leadership to the information security enterprise community for developing and enhancing security solutions. Integrate technical, cost, value, and risk considerations into the secure product definition. Explore and shape industry knowledge, methods, tools, and processes applicable to security solutions. Represent the company in industry or academic forums. Inform management on a wide range of high leverage information security-related topics.

Oversee the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines, and procedures.

Identify root causes, prioritize threats and recommend or implement corrective action.

Explore the enterprise and industry for evolving state of industry knowledge and methods regarding information security best practices.

Lead development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.

Perform security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards.

Lead and implement the Authorization and Assessment (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems.

Facilitate development of Memorandums of Understanding (MOU) and Interconnection Security Agreements (ISA) and support Continuous Monitoring (CONMON).

Oversee configuration management of assigned systems; audit systems to ensure security posture integrity.

Conduct risk assessments and investigations, implement appropriate risk mitigation, and oversee incident response activities.

Conduct periodic hardware and software inventory assessments.

Interface with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Risk Management FrameworkNESSUSACASDISA STIGsSCAPAudit ReductionHBSSCybersecurity PoliciesDAAPMCNSSI 1253ICD-503JSIGNIST SP 800 seriesAssessing DataIAM Level 1DoD 8140.01CAPGSLCSecurity+ CECISSPCASPCISMISSOISSMU.S. Top Secret Security ClearanceSingle Scope Background InvestigationContinuous Evaluation programRMFIAM Level III CertificationAuditing

Required

Bachelor's degree or equivalent work or military experience.

3+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS.

Experience with cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series.

Experience assessing and documenting test or analysis data to show cyber security compliance.

IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, GSLC, Security+ CE, CISSP, CASP, CISM, GSLC).

Experience as an Information System Security Officer (ISSO) or Information System Security Manager (ISSM) supporting classified programs.

Active U.S. Top Secret Security Clearance (U.S. Citizenship Required).

Current Tier 5 (T5), formerly known as a Single Scope Background Investigation (SSBI) (U.S. Citizenship required) or willingness to enter a Continuous Evaluation program.