Penetration Tester / Threat Emulator
Agile Defense
Cyber SecurityPythonTypeScript
Information Systems Security Officer
Research Innovations Incorporated
full-time
Posted on:
Origin: • 🇺🇸 United States • Florida
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
Cyber SecurityLinuxTypeScript
About the role
- Define security requirements and design solutions, provide guidance and implement direction related to security technologies
- Apply Risk Management Framework (RMF) and NIST SP 800-53 controls to obtain and/or maintain Authority to Operate (ATO) for information systems
- Participate in the development of technical and management controls and implement services in accordance with NIST SP 800-171 for protecting Controlled Unclassified Information (CUI)
- Apply Defense Security Services (DSS) processes and NISPOM requirements, ICD-503, and CNSSI 1253 to new or existing information systems
- Perform analysis on security collected data and test results
- Identify and implement security design and prepare and maintain engineering and security related documentation
- Provide technical advice related to system security, vulnerabilities, security architecture and security policies
- Ensure rigorous application of information security and information assurance policies and procedures
- Oversee vulnerability assessments and define, negotiate, and execute Assessment and Authorization (A&A) events
- Conduct cybersecurity audits and risk assessments to ensure implementation and compliance of security posture
- Generate and maintain information security documentation including Systems Security Plans (SSP) and related RMF artifacts
- Schedule, perform and maintain records of required information system auditing, patching, maintenance, software/hardware changes, and malware scanning based on evolving threats and compliance requirements
Requirements
- Active US TS/SCI security clearance
- Minimum 3 years of hands-on experience with Information Assurance/Cybersecurity architecture, requirements, determination, development, and implementation
- Experience with security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGs) and/or USCYBERCOM
- Experience with network and system security administration, including operating system security configuration and account management best practices for MS Windows and Linux
- Experience with Information Assurance (IA) vulnerability testing and related network and system test tools (e.g., Security Content Automation Protocol (SCAP))
- Experience with information security toolsets such as anti-virus, security information and event management (SEIM), and/or HIDS/ NIDS
- Experience implementing DoD and Federal Risk Management Framework, IA Certification and Accreditation Processes, IA controls and developing and maintaining associated certification and accreditation documentation
- Experience applying Defense Counterintelligence and Security Agency (DCSA) processes and National Industrial Security Program Operating Manual (32 CFR/NISPOM) requirements, Intelligence Community Directive (ICD)-503 publications, and Committee on National Security Systems Instruction (CNSSI) 1253
- Assist in the implementation of required government policy (DAAPM, NISPOM, JSIG), recommend process tailoring, participate in and document process activities
- Self-starter requiring limited direction and supervision
- Experience with security audits, risk assessments, and vulnerability assessments
- (Even better) Experience working in collateral closed spaces, SCIFs and/or SAPF
Similar jobs on JobTailor
Senior Security Engineer, DLP
Navy Federal Credit Union
Cyber Security
Incident Response Engineer
Crypto.com
AWSAzureCloudCyber SecurityFirewallsGoLinuxMacOSPython
Senior Cyber Security Engineer, Suricata
EEOC
CloudCyber SecurityDockerKubernetesLinuxOraclePythonSplunkTypeScript
Application Security Architect
Jabil
AngularCloudCyber SecurityJavaNode.jsSDLCSOAPSQL