Job Summary: 

• Perform configuration and maintenance for vulnerability scanning infrastructure.
• Utilize open and closed source intelligence concerning vulnerability information to develop threat assessment and provide mitigation recommendations.
• Obtain certification and accreditation for departmental systems through the creation of process documentation support, assist with unit or University-wide process documentation.
• Participate in the establishment of program control processes to ensure risk mitigation.
• Perform periodic audits (NIST 800-171, NIST 800-53, CMMC) of departmental systems under general supervision.
• Perform testing, creation of deployment plans and analysis to remediate any adverse actions.
• Participate in the implementation of required policies, procedures, and configurations, make recommendations for improvements.
• Participate in the preparation of requirements and procedures for forensic preservation.
• Conduct hardware and software analysis in support of approved resources concerning enterprise risk.
• Monitor the corrective actions of departmental system audits, draft documentation of Plan of Action and Milestones (POAM) for review.

Skills on Resume: 

• Vulnerability Scanning (Hard Skills)
• Threat Assessment (Hard Skills)
• Risk Mitigation (Hard Skills)
• Process Documentation (Soft Skills)
• NIST Compliance Auditing (Hard Skills)
• Deployment Planning (Hard Skills)
• Policy Implementation (Soft Skills)
• Forensic Preservation (Hard Skills)

Job Summary: 

• Maintain operational security posture for an information system or program to ensure information systems security design, implementation, management and review of policies, standards, baselines, procedures, and guidelines are established and followed. 
• Understand the business functions to help ensure business is conducted as securely as possible.
• Create and review documentation to support Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Identify, manage and monitor POA&Ms, assisting Business Units or Clients in improving the quality and effectiveness of their POAMs. 
• Guide remediation as well as develop corrective action plans for each POA&M.
• Provide continuous monitoring and event-driven monitoring management services to include running ad-hoc or on-demand scanning of project teams' environments. 
• Identify assets and associated vulnerabilities and provide recommendations for remediation. 
• Ensure audit records and event logs are collected, reviewed, and documented (to include any anomalies) Document security breaches and assess their damage.
• Provide configuration management (CM) for information system security software, hardware, and firmware, manage changes to the system and assess the security impact of those changes.
• Work with multiple teams and client project team members and establish and maintain a strong customer-focused working relationship. 

Skills on Resume: 

• Operational Security Management (Hard Skills)
• Business Function Analysis (Soft Skills)
• Systems Security Documentation (Hard Skills)
• POA&M Management (Hard Skills)
• Remediation Planning (Hard Skills)
• Continuous Monitoring (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Configuration Management (Hard Skills)

Job Summary: 

• Lead, conduct, develop, validate, and submit information system security plans, security test and evaluation plans, certification and authorization packages, and plans of action and milestones in support of compliance requirements
• Lead, conduct, develop, plan, and coordinate risk assessments of information systems in development, test, production and research environments by established or newly determined compliance/audit requirements
• Monitor and assist in the assessment and review of systems and networks within the environment to identify where systems/networks deviate from acceptable configurations, enclave policy, and local policy
• Develop training material related to compliance and audit requirements to assist employees in individual compliance/audits as applicable
• Assist in technical requirements such as vulnerability scanning, review of security/event logs, network analysis, and incident response on an as-needed basis
• Assist the System Owner operate the system as securely as possible to fulfill mission requirements.
• Establish and maintain regular written and in-person communications with the organization's executives, department heads and end users regarding pertinent security activities.
• Keep up to date with developments in IT security standards and threats.
• Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences
• Research and stay current on industry best practices.

Skills on Resume: 

• Information Security Planning (Hard Skills)
• Risk Assessment Coordination (Hard Skills)
• Configuration Assessment (Hard Skills)
• Compliance Training Development (Soft Skills)
• Vulnerability Scanning (Hard Skills)
• Communication Skills (Soft Skills)
• Technical Reporting (Hard Skills)
• Industry Research (Soft Skills)