Today
Top Secret/SCI
Unspecified
Polygraph
IT - Security
Chantilly, VA (On-Site/Office)
Responsibilities
Arcfield is expanding its Cyber initiative and seeks a Senior IT Vulnerability Lifecycle Management Specialist to support and help lead our evolving security efforts. The ideal candidate will be able to design and implement a robust vulnerability management program; integrate assessment, authorization, and monitoring processes; conduct comprehensive risk and vulnerability assessments; and provide regular reviews and updates to enhance our security posture. This pivotal role offers the opportunity to shape Arcfield's cyber defense strategies and contribute to our expanding portfolio of cyber programs. Note: An offer for this position is contingent upon contract award.
Responsibilities include, but are not limited to the following:
Qualifications
Required
Desired
EEO Statement
We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.
Arcfield is expanding its Cyber initiative and seeks a Senior IT Vulnerability Lifecycle Management Specialist to support and help lead our evolving security efforts. The ideal candidate will be able to design and implement a robust vulnerability management program; integrate assessment, authorization, and monitoring processes; conduct comprehensive risk and vulnerability assessments; and provide regular reviews and updates to enhance our security posture. This pivotal role offers the opportunity to shape Arcfield's cyber defense strategies and contribute to our expanding portfolio of cyber programs. Note: An offer for this position is contingent upon contract award.
Responsibilities include, but are not limited to the following:
- Coordinate with internal and external stakeholders to establish and manage a vulnerability management program in accordance with ND 52-5, ND 52-15, and Government direction
- Support Government activities and reporting to appropriate IC and DoD authorities, including USCYBERCOM, IC-Security Coordination Center, and IC CIO
- Assess and manage the implementation of identified corrections (e g, system patches and fixes) for technical vulnerabilities
- Provide technical and programmatic Information Assurance Services to internal and external customers
- Design, develop, and implement security requirements within organizational business processes
- Prepare documentation using accepted guidelines such as DITSCAP
- Develop Security Test and Evaluation plans
- Provide certification and accreditation support for security and contingency plans
- Conduct complex risk and vulnerability assessments
- Analyze policies and procedures against Federal laws and regulations, recommending solutions to close gaps
- Develop and complete system security plans and contingency plans
- Recommend system enhancements to improve security deficiencies
- Develop, test, and integrate computer and network security tools
- Secure system configurations and install security tools
- Scan systems for compliance and report results
- Evaluate products and various aspects of system administration
- Conduct security program audits and develop risk mitigation solutions
- Develop strategies to comply with privacy, risk management, and e-authentication requirements
- Provide information assurance support for security architecture development and implementation
- Evaluate, develop, and enhance security requirements, policies, and tools
- Assist in computer incident investigations
- Perform vulnerability assessments and develop risk mitigation strategies
- Apply expertise in DIACAP, NIACAP, NIST SP 800-37, and/or DCID 6/3 frameworks for information systems certification and accreditation
- Work on unusually complex technical problems and provide highly innovative solutions
- Serve as a recognized authority within the company on information security matters
Qualifications
Required
- Must possess and be able to maintain a TS/SCI clearance with Poly
- BS 10-12, MS 8-10, PhD 5-7
- 10 years of management experience in information security as well as vulnerability management
- Strong leadership and project management abilities
- Excellent communication skills (both written and verbal)
- Ability to work with both technical and non-technical stakeholders
- Problem-solving and analytical thinking skills
- Ability to work under pressure and manage multiple priorities
- CISSP-ISSEP certified
- CISSP-ISSAP certified
- Relevant IA experience in:
- IA systems security engineering
- E2E Engineering of a system or system component to include concept, design, development, implementation, and or integration
- Proficiency in risk assessment and mitigation strategies
- Knowledge of vulnerability management processes and tools
- Expertise in information assurance and cybersecurity principles
- Proficiency in system administration and network security
Desired
- STEM degree(s) in Computer Science, Information Technology, Cybersecurity, or a related field
- Experience with government and military IT systems, particularly in the IC and DoD environments
- Understanding of IC and DoD organizational structures and processes
- Familiarity with government reporting requirements and procedures
- Demonstrated ability to develop innovative solutions for complex technical problems
- Recognition as an authority in information security within previous roles
- Experience in developing and implementing security policies and procedures
- Familiarity with security frameworks such as DIACAP, NIACAP, NIST SP 800-37, and DCID 6/3
- Experience with DITSCAP and other relevant security guidelines
- Knowledge of federal laws and regulations related to information security
EEO Statement
We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.
group id: 91130308
