Overview/ Job Responsibilities Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S and occasionally OCONUS. We're looking for an Information Assurance Specialist (Junior) to assist our customer in overseeing and supporting Information Security Control Assessments, Intrusion Defense Chain FISMA Metrics Tracking, and a Industry Cyber Hygiene Data Assessment Program. The candidate will support Information System Security Control Assessments, including:
- Assisting in development and maintenance of an overall Security Assessment Schedule.
- Assisting in development testing artifacts for each system including as appropriate Rules of Engagement, a technical assessment plan, Security Requirements Traceability Matrix, Security Assessment Report, and other necessary documentation.
- Assisting in the scheduling and performing technical assessments of systems and applications to determine the severity of security control weaknesses.
- Supporting assessments through reviewing system security documentation, vulnerability scan results, audit logs, configuration guides, and any other additional material provided by the system and system stakeholders.
- Documenting results of assessments in the compliance tool utilizing a standard reporting format for recording assessment results and findings along with recommended mitigations.
- Updating and maintaining all testing templates and standard operating procedures.
- Collecting and storing all final materials and media.
The Information Assurance Specialist (Junior) will support Intrusion Defense Chain FISMA Metrics Tracking, including:
- Assisting in the testing the ability to properly classify malicious logic investigations using the Intrusion Defense Chain (IDC) Framework
- Assisting in creation of example malicious logic and disseminate to all DHS Components
- Assisting in the tracking and reporting compliance and accuracy in classifying malicious logic using the IDC Framework
- Assisting in creation and maintenance of IDC Metrics for the annual Information Security Performance Plan
The Information Assurance Specialist (Junior) support the customer's Industry Cyber Hygiene Data Assessment Program, including:
- Assisting in establishment, documentation, and continual refinements of CONOPS and standard operating procedures documentation for the Cyber Hygiene Assessment (CHA) Team
- Assisting in development and maintenance of a management schedule for all CHA data analysis and assessment activities
- Assisting with coordination of CHA personnel to collect artifacts, define scope and establish governance functions for assessments and analysis of industry cyber hygiene data
- Assisting in establishment of performance metrics and process improvement criteria stemming from the results of industry cyber hygiene assessments and analysis
- Assisting in evaluation of results and providing recommendations in determination of industry cyber hygiene maturity
- Assisting in creating of both draft and final deliverable reports stemming from industry assessments and analysis for Federal CHA program personnel consumption and review
- Assisting in development, maintenance, and updating any additional program documentation on an ongoing basis
Minimum Qualifications
- BA or BS degree, preferrably in Information Security, Information Systems, Cybersecurity, Information Technology/Network Administration or related discipline, or 2-4 years of direct experience may be substituted in lieu of degree
- Knowledge and experience with the Risk Management Framework (RMF)
- Knowledge of federal security standards, frameworks, and directives, including NIST, OMB, and DHS
- Experience supporting Information Assurance activities
- Understanding of the Security Authorization and ATO requirements and processes
- Must possess one (1) or more of the following IAT Level II certifications: GSEC - GIAC Security Essentials; CompTIA Security+ CE; or SSCP - Systems Security Certified Practitioner
- Excellent communication skills
- A successful track record of providing excellent customer service
- Knowledge of organizational cybersecurity hygiene best practices
- Ability to provide proof of U.S. Citizenship in order to get a DHS Public Trust
Desired Qualifications
About Sev1Tech LLC Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies. Enable better government. Protect our nation. Build better humans across the country. Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression. Please apply directly through the website at: #joinSev1tech For any additional questions or to submit any referrals, please contact: ...@sev1tech.com Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.