OVERVIEW
Lead a small team (12-15) providing cybersecurity support for NASIC’s enterprise, to include Software Vulnerability Testing, Cybersecurity Support Tasks, Cybersecurity Policy/Process/Training, Cybersecurity Compliance, Network Auditing, End-point Security System (ESS, a.k.a. Host Based Security System or HBSS), configuration management, and technology service management.
GENERAL DUTIES
- Provide software installation/configuration, software scanning, source code and container scan review, and vulnerability remediation and documentation
- Support the NASIC Cybersecurity team, facilitating the assessment and authorization (A&A) and continuous monitoring of approximately 65 operational national security systems within NASIC in accordance with Intelligence Community Directive 503, National Institute of Standards and Technology 800-Series Publications, Committee on National Security Systems Instructions, and the Risk Management Framework.
- Support the NASIC Cybersecurity Branch, NASIC Information System Security Managers (ISSMs), and Information System Security Officers (ISSOs) in the oversight and execution of organization-wide Cybersecurity programs through the creation, maintenance, and delivery of policy, process documentation, and training.
- Provide analytical support and risk assessment for output from cybersecurity capabilities such as endpoint security, audit logs, and vulnerability scanning
- Provide RMF accreditation support for four enterprise-level networks, to include the standup and migration of services to cloud environments
- Identify authorization boundaries for RMF common control provider (CCP) packages and complete RMF activities to receive authorizations and enable inheritance of common controls
- Coordinate and/or complete continuous monitoring activities to maintain enterprise ATOs
- Support the Network Operations Branch in cybersecurity compliance
- Support required for 11,000+ workstations, 2,111 servers, 3 foundational networks and 917 software titles
- Collaborate and coordinate with other system administrators/Subject Matter Experts for Storage, Linux/Unix, SCCM, Active Directory/Exchange, and Windows as necessary to ensure efficiency in Network operations and Cybersecurity.
- Work with the Cybersecurity personnel to install, configure, and deploy Elastic Stack across NASIC’s Cornerstone Networks, in support of the IC and AF auditing requirements.
- Develop and document procedures/policies in order for NASIC to be compliant with Auditing guidance such as ICS 500-27 (Collection and Sharing of Audit Data). Provide technical support for any possible investigations and inquiries which may result from any misuse of information resources.
- Support, as the subject matter expert, the engineering, integration, operations, troubleshooting, maintenance, and upgrades of existing and new network and endpoint-based cybersecurity capabilities, including Endpoint Security Solutions (ESS, aka HBSS) and the Assured Compliance Assessment Solution (ACAS) for five enterprise-level networks to include associated cloud resources.
- Research and recommend technical solutions to address network and system vulnerabilities and security compliance deficiencies.
- Provide SME/Security Engineering support for new and emerging technologies.
- Provide expert support for Information Technology (IT) in areas of configuration, change, asset, and release management
- Support the development and maintenance of a configuration management (CM) program for the NASIC IT Enterprise
- Provide expert support, analysis, and research into exceptionally complex CM challenges
- Engineer Technical Solutions for NASIC Mission Needs based on industry best practice and DoD/IC guidance.
- Provide state-of-the-art techniques for designing, developing, modifying, and troubleshooting highly complex computer systems.
- Engineer solutions for multiple networks (to include, but not limited to, DTIC-TS, DTIC-S, Cornerstone-Top Secret, Cornerstone-Secret, MNIS, Cornerstone-Top Secret, Cornerstone-Secret, NIPRNet).
- Engineer solutions that work in the local private Cloud (VMware), the Intelligence Community (IC) Commercial Cloud Service (C2S), and ensure automation technologies allow for solutions that work across both in a Hybrid Cloud environment
- Participate in technical reviews, teams, and discussions as needed to include: Engineering Review Teams (ERT), project and other technical implementation teams, and the Architecture Engineering Review Panel (AERP).
REQUIRED QUALIFICATIONS
- 7 years of experience
- Training, experience, or formal education in the accreditation of DoD or IC information systems under the RMF
- Training, experience, or formal education in the security hardening of information systems IAW DISA STIGs or vendor hardening guides
- Training, experience, or formal education in the assessment of software and hardware vulnerabilities for applicability and the remediation or mitigation of applicable vulnerabilities
- Experience operating or maintaining a SIEM solution such as the Elastic Stack, ArcSight, or Splunk
- Training, experience, or formal education in Capability Maturity Model Integration (CMMI), Information Technology Infrastructure Library (ITIL), or Information Technology Services Management (ITSM) Methodologies
CLEARANCE