Today
Secret
Unspecified
Unspecified
IT - Security
Smyrna, GA (On-Site/Office)
Shift: Standard; Monday-Friday; On-site
Pay: Commensurate with experience
This role will provide support to increase the Cybersecurity Center's ability to manage the cybersecurity risk to systems, assets, data, and agency capabilities through active identification of system/application weaknesses that require remediation and/or mitigation, enabling DoD to focus and prioritize its risk and vulnerability management efforts in alignment with the needs of the Agency. Work shall be performed in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, NIST SP 800-40, DoDI 8530.01, CJCSM 6510.02, TASKORD 20-020, FRAGO 21 to OPORD 05-01CJCSI 6510.01F, CJCSM 6510.02, TASKORDER 13-0670; and any future released directives/mandates.
Responsibilities Include:
1. Identify
2. Analysis
3. Report
4. Remediation/Mitigation
5. Verification
6. Post Analysis / Process Improvement
Requirements
Certification Requirements:
DoD IAT II required certification/s (one of the following):
DoD CSSP Auditor required certification/s (one of the following):
Pay Transparency Statement
Ryan Consulting Group, Inc. complies with all relevant pay transparency laws in each state and jurisdiction where we operate. This includes providing salary ranges and pay data in compliance with state or local regulations where applicable.
We also ensure that applicants and employees in relevant states are informed of their right to inquire about pay information as required by state or local laws. Employees and applicants in states where pay transparency laws are in effect can expect to be provided with salary information upon request during the hiring process.
Equal Employment Opportunity (EEO) Statement
Ryan Consulting Group, Inc. is an equal opportunity employer. We are dedicated to ensuring equal employment opportunities in all aspects of employment, including recruitment, hiring, promotion, training, compensation, benefits, and termination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by applicable law.
Ryan Consulting Group, Inc. is also committed to complying with the Americans with Disabilities Act (ADA) and providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or accommodation due to a disability in the application process, please contact humanresources@consultrcg.com.
Drug-Free Workplace Statement
Ryan Consulting Group, Inc. is committed to maintaining a drug-free workplace, in compliance with the Drug-Free Workplace Act of 1988, which is a requirement for all federal contractors. We recognize the impact that drug and alcohol abuse can have on the safety, health, and productivity of our workforce, and we are dedicated to providing a work environment that is free from illegal drugs and alcohol. All employment offers are conditional upon successfully passing a drug screening.
Pay: Commensurate with experience
This role will provide support to increase the Cybersecurity Center's ability to manage the cybersecurity risk to systems, assets, data, and agency capabilities through active identification of system/application weaknesses that require remediation and/or mitigation, enabling DoD to focus and prioritize its risk and vulnerability management efforts in alignment with the needs of the Agency. Work shall be performed in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, NIST SP 800-40, DoDI 8530.01, CJCSM 6510.02, TASKORD 20-020, FRAGO 21 to OPORD 05-01CJCSI 6510.01F, CJCSM 6510.02, TASKORDER 13-0670; and any future released directives/mandates.
Responsibilities Include:
- Ensure routine action is taken to identify and correct vulnerabilities according to the following phases. Vulnerabilities include Information Assurance Vulnerability Management (IAVM) as well as vulnerabilities not addressed through IAVM directives but affect DoD owned and managed information systems (ISs) and devices:
1. Identify
2. Analysis
3. Report
4. Remediation/Mitigation
5. Verification
6. Post Analysis / Process Improvement
- Provide metrics tracking the following with regards to performance and mission success: mean time to patch; POA&M and Risk Acceptance staffing; and non-compliance trending.
- Support the risk assessment process, Information Security Continuous Monitoring (ISCM) program and Agency overall risk management strategy by providing vulnerability scan information to the Risk Management Group, or relevant entity, in support of assessing and authorizing the environments;
- Conduct testing of IS software patches, updates, upgrades, and hardware device configurations. Provide information system baseline scan reports.
- Provide enterprise, discovery, and compliance Vulnerability Scan report.
- Conduct vulnerability scans requests (i.e. SR, IR) and provide analysis results.
- Create and maintain consistent, repeatable, quality driven, measurable, and comprehensive Vulnerability Management procedures. Establish common standards for directive reporting and compliance as it relates to vulnerability management.
- Host vulnerability remediation/mitigation meetings to review remediation actions with stakeholders; providing SME level guidance on scanning signatures and detection capabilities; Validate and monitor corrective actions/remediation of vulnerabilities on information systems.
- Participate in Cyber Situational Awareness Brief (SAB) and provide: health status of required scans and scanning tools across all environments to include scanning completed by other entities such as DISA; and latest vulnerability status.
- Collaborate with DoD and/or Non-DoD organizations to actively share vulnerability information in order to shape cyber mission space for vulnerability mitigation.
Requirements
- Active Secret Security Clearance.
- At least 5 years of related experience.
- Experience working in a SOC environment.
- Experience conducting vulnerability scans.
- Experience working in a DoD environment.
- Knowledge of cyber kill chain.
- Ability to maintain DoD 8140 / 8570 IAT II certification and CSSP Analyst certifications
Certification Requirements:
DoD IAT II required certification/s (one of the following):
- CCNA-Security
- CySA+ (CSA+)
- GICSP
- GSEC
- Security+ CE
- CND
- SSCP
DoD CSSP Auditor required certification/s (one of the following):
- CEH
- CySA+ **
- CISA
- GSNA
- CFR
- PenTest
Pay Transparency Statement
Ryan Consulting Group, Inc. complies with all relevant pay transparency laws in each state and jurisdiction where we operate. This includes providing salary ranges and pay data in compliance with state or local regulations where applicable.
We also ensure that applicants and employees in relevant states are informed of their right to inquire about pay information as required by state or local laws. Employees and applicants in states where pay transparency laws are in effect can expect to be provided with salary information upon request during the hiring process.
Equal Employment Opportunity (EEO) Statement
Ryan Consulting Group, Inc. is an equal opportunity employer. We are dedicated to ensuring equal employment opportunities in all aspects of employment, including recruitment, hiring, promotion, training, compensation, benefits, and termination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by applicable law.
Ryan Consulting Group, Inc. is also committed to complying with the Americans with Disabilities Act (ADA) and providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or accommodation due to a disability in the application process, please contact humanresources@consultrcg.com.
Drug-Free Workplace Statement
Ryan Consulting Group, Inc. is committed to maintaining a drug-free workplace, in compliance with the Drug-Free Workplace Act of 1988, which is a requirement for all federal contractors. We recognize the impact that drug and alcohol abuse can have on the safety, health, and productivity of our workforce, and we are dedicated to providing a work environment that is free from illegal drugs and alcohol. All employment offers are conditional upon successfully passing a drug screening.
group id: RTL58543
