HiringCafe
Posted 10mo ago

Senior Cyber Security SME

@ Steampunk
View All Jobs
McLean, Virginia, United States
RemoteFull Time
Responsibilities:Lead team, Train ISSOs, Mentor junior ISSOs
Requirements Summary:Bachelor’s degree in IT-related field; 8+ years IA experience with 3+ years FISMA-related; ability to obtain US government security clearance; leadership experience.
Technical Tools Mentioned:Azure
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Design. Disrupt. Repeat. 

Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is looking for an experienced Information Systems Security Officer Team Lead with an appetite for taking on new challenges. 

The ISSO Team Lead serves as a Lead Cyber Security Specialist and will perform level III ISSO and/or ISSO support responsibilities as well as Team Lead responsibilities to include: 

  • Leading a team of ISSOs including prioritizing continuous monitoring schedules, performance management, and customer relationship management. 
  • Ensuring that all ISSOs within the program area are properly trained on ISSO activities. 
  • Providing security-related expertise and mentorship to junior ISSOs within the program area. 
  • Supporting personnel management activities for the program area team. 
  • Ensuring that security requirements for the assigned major application or general support system are being or shall be met.
  • Ensuring that requests for security authorization (also referred to as C&A) of assigned major application or general support systems are completed in accordance with the published procedures. 
  • Ensuring that protective measures for physical security threats are in place. 
  • Ensuring compliance with all legal requirements concerning the use of commercial proprietary software, e.g., respecting copyrights and obtaining site licenses. 
  • Maintaining an inventory of hardware and software within the program/development offices or field site facilities. 
  • Coordinating the development of a Contingency Plan and ensuring that the plan is tested and maintained. 
  • Ensuring risk analyses are completed to determine cost-effective and essential safeguards. 
  • Ensuring preparation of security plans for sensitive systems and networks. 
  • Attending security awareness and related training programs and distributing security awareness information to the user community as appropriate. 
  • Reporting IT security incidents (including computer viruses) in accordance with established procedures. 
  • Reporting security incidents not involving IT resources to the appropriate security office. 
  • Providing input to appropriate IT security personnel for preparation of reports to higher authority concerning sensitive and/or national security information systems. 

 

Job Requirements 

  • Bachelor’s Degree in related IT field 
  • Ability to obtain a U.S. government Security Clearance 
  • Eight years of IA experience; 3 of which must be FISMA-related  

 Required Skills 

  • Experience leading teams of information security professionals
  • Demonstrated ability to apply extensive knowledge of a variety of the IA field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems
  • Knowledge of NIST SP 800 family of publications, particularly those associated with risk management policy and procedures
  • Extensive specialized knowledge of financial audit standards, classified system IA requirements, Privacy Act requirements, or Critical Infrastructure Protection
  • Experience with evaluating systems, networks, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines
  • Extensive knowledge and experience with three (3) of the four (4) following criteria: 
    • Vulnerability scanning execution, assessment, and analysis 
    • Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
    • Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies
    • Application security, database security, and network security
  • Demonstrated ability to assess and weigh current and evolving security threats in an operational environment 
  • Knowledge of DHS Information Security Policy Directives and Handbooks
  • Experience with Azure

 Required possession of one or more professional security certifications, including but not limited to: 

  • Certified Information System Security Professional (CISSP) 
  • Certified Information Systems Auditor (CISA) 
  • Certified Ethical Hacker (CEH) 

 Preferred Skills 

  • Demonstrated ability to rely on extensive experience and judgment to plan and accomplish goals
  • Able to work effectively independently to solve problems quickly and completely
  • Ability to lead effectively and direct the work of others
  • Experience reporting to, communicating with, and/or collaborating with Federal program stakeholders
  • Experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems
  • Excellent oral and written communication skills
  • Management experience in leading a team of security professionals