Optimal Solutions & Technologies (OST, Inc.) is focused on excellence. We specialize in providing Management Consulting, Information Technology, and Research Development and Engineering services. OST is one of an elite set of companies worldwide to be externally appraised CMMI Level 5. The fundamental distinction of the OST team is its business knowledge in both the public and private sectors. We serve the aerospace & transportation, association & nonprofit, defense, education, energy, financial, healthcare, and technology & telecommunications industries. OST is successful because we listen to our clients, we learn from our clients, and we know our clients.
Description of specific Duties in a typical workday for this position: * Manages the administration of Security activities across Information Assurance and Cyber Operations - Intrusion / Threat detection in support of the entire IT environment. * Responsible for Security requirements gathering and analysis; creating security documentation as directed by NIST (800-53rev4), FISMA and Department of Energy guidelines. * Ensures the Cyber Security Program as implemented meets all applicable standards (NIST, FISMA, & DOE). Leads the Certification and Accreditation, Continuous Monitoring, and Authority to Operate activities as defined by the Risk Management Framework (RMF) and engagement with the designated federal point of contact. * Establishes and oversees technical capabilities to resolve security issues through debugging, research and investigation. * Ensures the technical compliance of infrastructure with identified security controls (currently RMF "moderate" control set). * Assigns tasks, monitors performance, provides' guidance, leadership and mentorship for other members of the Cyber Security Team. Researches, recommends and applies new techniques and technologies to innovate and improve current Cyber Security processes for the environment. * Leads a group of security professionals currently organized into two Teams and a project manager: + Information Assurance + Cyber Operations + Assigned Project Manager * Assesses current team members skill levels, gives guidance to, mentors and develops abilities of all team members * Interacts with Federal Point of Contact, translates his/her guidance and direction into program deliverables * Assigns, monitors and provides Quality review of products produced to meet deliverable requirements * Maintains accreditation status via a program of Continuous Monitoring * Refines and implements current Risk Management strategy in accordance with National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) * Develops information security policies and procedures covering LAN and WAN user access, remote access, etc. * Assists in developing and identifying PII/PHI security policies and procedures * Expands current C&A documentation package with Sub System SSPs for networks identified by the designated approving authority/authorizing official * In conjunction with Cyber Project Manager, co-develops implementation, migration plan and schedule for moving all systems/networks into the new C&A methodology * Assists in developing, implementing and operating a broad range of information security-related solutions to meet requirements * Oversees activities of the assigned Cyber Project Manager, providing guidance on project execution, solution suitability, development and implementation. * Ensures the Cyber Security Program meets all contract and COR / TCOR directed deliverables with specified delivery timelines and appropriate quality level. * Must be capable of working outside of standard business hours when needed and available.
* Master's degree and 6 years related work experience OR Bachelor's degree and 8 years' experience OR 14 years' experience in an Cyber Security, Information Assurance, Information Technology, Computer Science, or Engineering discipline * Experience in Cyber Security Operations or Information Assurance is required * Current Certification credentials in Cyber Security (CISSP, CISM, CISA, or SANs Program certifications) is required * Understanding of information technology and telecommunications systems; working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards * Strong understanding of enterprise IT, including networking infrastructure, systems administration, data centers, and software applications and the development life cycle * In depth knowledge of NIST Special Publications (SPs) and Federal Information Processing Standards (FIPS) to include NIST SPs 800-37, 800-53, 800-53rev4, FIPS 199, and 200 * Reasoning and problem-solving skills * Work independently with limited supervision; ability to interact effectively with customer * Work well as a member of a cooperative team * Work in a matrix organizational structure and distributed team environment * Recognize and deal appropriately with confidential and sensitive information * Ability to implement project plans and document progress of assigned tasks * Ability to prepare and deliver presentations to technical and non-technical audiences * Strong written and verbal communication skills * Government Cyber Security experience is highly desired * US Citizenship required
This is a full time position paying a base salary, full benefits, and has possible bonus potential based on merit and performance. To be considered for this position, please apply online with a cover letter and MS Word resume.
OST is an equal opportunity employer. Applicants are considered for positions without regard to race, religion, gender, native origin, age, disability, or any other category protected by applicable federal, state, or local laws.