Yesterday
Top Secret
Mid Level Career (5+ yrs experience)
IT - Security
Honolulu, HI (On-Site/Office)
Job Title: Cyber Security Auditor
Location: US-HI-Honolulu
Clearance: Top-Secret
Overview:
We are seeking a Cyber Security Auditor to join our team supporting Network Enterprise Technology Command (NETCOM) in Honolulu, HI.
Responsibilities:
The CSFC Solutions Auditor would assist and support with the development, configuration, testing, and evaluation of Commercial Solutions for Classified (CSfC) solutions used to secure government customers' classified data and networks. The Engineer will work individually and as a member of a team to configure network, software, and hardware networking components and security appliances and applications to meet DoD requirements and support their installation and initialization onsite in the customers' environments.
RESPONSIBILITIES
Coordinate with the NSA CSFC PMO on all CSFC related documents and statuses.
Prepare documents required for NSA registration (Checklist, Annex, Deviations, ConOps, etc.)
Prepare daily, weekly, and monthly reports describing the task status in accordance with task order report template.
Review, manage, control, and maintain security audit log data
Document and report security-related incidents to appropriate authorities
Perform annual assessment of NSA capability packages checklists and Cross Domain Solution registrations
Performs authorization continuous monitoring on all Risk Management Framework (RMF) packages
Evaluate an array of IT devices (e.g. Windows, RHEL, Cisco routers, switches, firewalls, etc.) for DoD compliance using SCAP Compliance checker, ACAS, Evaluate STIG, and via manual STIG check reviews
Must be proficient in navigating through the eMASS application
Provide DoD Cybersecurity analysis and risk-based security recommendations for the CSfC system
Assess CSfC IAW DoDI 8500, DoDI 8510 and NISP SP 800-53
Review, updated and/or develop NSA registration artifacts (e.g., SSP, POA&M, MOU/MOA, topology, network architecture, PPSM, policies and procedures, HW/SW lists.) for CSFC compliance.
Supports CT&E or DT&E activities of system security engineering and program protection activities.
Identify the mitigation controls for identified risks and propose additional strategies for identified vulnerabilities
Support all Cross-Domain solution requirements
Act as the Cybersecurity Subject Matter Expert
Consult in other projects when needed
Continue education and learning new and evolving technology
Perform special projects and other duties assigned
REQUIRED QUALIFICATIONS
Active Top Secret OR Higher OR Secret Clearance level with completed T5 investigation
5 or more years of experience in cybersecurity
BA/BS = 5 years; AA=7 years
One of the following DoD8140 Certifications:
CCISO (Certified Chief Information Security Officer)
CCSP (Certified Cloud Security Professional)
CISA (Certified Information Systems Auditor)
CISM (Certified Information Security Manager)
CISSP (Certified Information Systems Security Professional)
GCSA (GIAC Cloud Security Automation)
GISF (GIAC Information Security Fundamentals)
GSLC (GIAC Security Leadership Certification)
A Computing Environment Certification (e.g., CEH, Linux, CCNA, VMWare, etc.)
Location: US-HI-Honolulu
Clearance: Top-Secret
Overview:
We are seeking a Cyber Security Auditor to join our team supporting Network Enterprise Technology Command (NETCOM) in Honolulu, HI.
Responsibilities:
The CSFC Solutions Auditor would assist and support with the development, configuration, testing, and evaluation of Commercial Solutions for Classified (CSfC) solutions used to secure government customers' classified data and networks. The Engineer will work individually and as a member of a team to configure network, software, and hardware networking components and security appliances and applications to meet DoD requirements and support their installation and initialization onsite in the customers' environments.
RESPONSIBILITIES
Coordinate with the NSA CSFC PMO on all CSFC related documents and statuses.
Prepare documents required for NSA registration (Checklist, Annex, Deviations, ConOps, etc.)
Prepare daily, weekly, and monthly reports describing the task status in accordance with task order report template.
Review, manage, control, and maintain security audit log data
Document and report security-related incidents to appropriate authorities
Perform annual assessment of NSA capability packages checklists and Cross Domain Solution registrations
Performs authorization continuous monitoring on all Risk Management Framework (RMF) packages
Evaluate an array of IT devices (e.g. Windows, RHEL, Cisco routers, switches, firewalls, etc.) for DoD compliance using SCAP Compliance checker, ACAS, Evaluate STIG, and via manual STIG check reviews
Must be proficient in navigating through the eMASS application
Provide DoD Cybersecurity analysis and risk-based security recommendations for the CSfC system
Assess CSfC IAW DoDI 8500, DoDI 8510 and NISP SP 800-53
Review, updated and/or develop NSA registration artifacts (e.g., SSP, POA&M, MOU/MOA, topology, network architecture, PPSM, policies and procedures, HW/SW lists.) for CSFC compliance.
Supports CT&E or DT&E activities of system security engineering and program protection activities.
Identify the mitigation controls for identified risks and propose additional strategies for identified vulnerabilities
Support all Cross-Domain solution requirements
Act as the Cybersecurity Subject Matter Expert
Consult in other projects when needed
Continue education and learning new and evolving technology
Perform special projects and other duties assigned
REQUIRED QUALIFICATIONS
Active Top Secret OR Higher OR Secret Clearance level with completed T5 investigation
5 or more years of experience in cybersecurity
BA/BS = 5 years; AA=7 years
One of the following DoD8140 Certifications:
CCISO (Certified Chief Information Security Officer)
CCSP (Certified Cloud Security Professional)
CISA (Certified Information Systems Auditor)
CISM (Certified Information Security Manager)
CISSP (Certified Information Systems Security Professional)
GCSA (GIAC Cloud Security Automation)
GISF (GIAC Information Security Fundamentals)
GSLC (GIAC Security Leadership Certification)
A Computing Environment Certification (e.g., CEH, Linux, CCNA, VMWare, etc.)
group id: 10529568
