Cybersecurity Lead

Caelum Research Corporation

Posted today

Job Requirements

Redstone Arsenal, AL
Secret clearance; polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Job Description

POSITION: Cybersecurity Lead

LOCATION: Huntsville, AL

SCOPE: Serves as the Cybersecurity Lead on a major IT services contract for the U.S. Army

RESPONSIBILITIES:

· Develop and deliver cyber artifacts to support the RMF process for each modernization project. Provide the Government with all assessment artifacts necessary for technical and security review.

· Prior to production deployment, any recommended technology must receive formal approval from the Government and be authorized for incorporation into ATEC network boundaries.

· These include: network boundary diagram, hardware list, software list, completed Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs), list of cyber artifacts, encryption methods, system enterprise and information security architecture diagram, and information flow diagram.

· Ensure network components (including wireless and fiber technologies) are securely integrated into the existing Army environment.

· Ensure proper encryption, implement access controls and document cybersecurity controls for compliance and audit purposes.

· Provide necessary artifacts to meet RMF requirements for the deployed systems under this TO.

· To accompany the capabilities deliverable, all artifacts which support obtaining an Army RMF Authorization to Operate (ATO) related to the network components must be provided to each site in accordance with the U.S. ARCYBER and U.S. Army NETCOM standards.

· These artifacts include: network boundary diagram, hardware list, software list, system enterprise and information security architecture diagram, information flow diagram, and created Plans of Actions and Milestones (POAMs) that capture rationale and mitigations for vulnerabilities or configurations that cannot be applied.

· Perform patch management and security update operations support to maintain operating environment compliance until turnover of site is complete. Verify that unpatched vulnerabilities are documented and approved by the Authorizing Official via a POAM.

· Responsible for patch and security update support, including:

· Authoring and maintaining SOPs, policies, and appropriate patch/security documentation, including policies detailing patch and security update processes and procedures.

· Providing oversight and periodic review of the patch management process.

· Deploying and managing all patch/security update operations.

· Performing patch and security update deployment testing.

· Providing patch and security update status reports.

· Complying with DoD rules and regulations governing patch and security update operations.

· Ensuring end-point security tools operate in compliance with all devices, and monitoring, alerting on, and troubleshooting non-compliance incidents.

· Developing, updating, and maintaining existing and future baseline documentation of each system and application, including designs, build procedures, requirements documents, test procedures, problem reports, software code, and system knowledge base. Final documentation must be approved by the Government.

· Safeguard all Government data according to Cybersecurity Maturity Model Certification (CMMC) standards and all applicable regulations regarding this subject.

· Follow the processes and procedures required for achieving CMMC Level 3 certifications and utilize authorized CMMC Level 2 Self Assessments to assess existing DoD cybersecurity requirements.

· Assessment results shall be uploaded to CMMC Enterprise Mission Assurance Support Service (eMASS) within ten business days.

· Safeguard and encrypt all DoD emails in order to conduct regular correspondence and send products that are related to projects and Government day-to-day operations over acceptable DoD means of communication.

QUALIFICATIONS:

· Required certifications: CAP, CompTIA Advanced Security Practitioner (CASP), GIAC Security Leadership (GSLC), Certified Information Systems Security Manager (CISSM), or Certified Information Systems Security Professional (CISSP)

· Possess an industry certification and demonstrated success executing and deploying the technical solution in an environment similar in size and scope to the requirement.

· Minimum of five years’ experience (within the last seven years) in the field of DoD Information Systems Security and/or Cybersecurity

· Minimum of five years’ experience (within the last seven years) creating RMF packages and entering the data into eMASS to obtain an ATO/Authority to Connect, including all the ancillary artifacts. Minimum of one year experience working U.S. Army RMF processes.

SECURITY CLEARANCE: Active DoD Secret Clearance

BENEFITS: We designed our employee benefits program around the goal of improving the quality of life for each employee. We offer some of the most competitive benefits in the industry to include Medical, Dental, Vision, and Life Insurances; Short- and Long-Term Disability; Paid Leave, Holidays, Bereavement, Military, and Jury Duty; 401(k) Retirement Plan, Flexible Spending Account, Dependent Care, Health Savings Account, Tuition/Training Assistance, and Referral Bonuses.