Job Summary: 

• Manage entry of Certification and Accreditation (C&A) artifacts into the Enterprise Mission Assurance Support Service (eMASS)
• Manage IA compliance across multiple systems and networks, performing reviews, identifying deficiencies, and implementing Plan of Action and Milestones (POA&M)
• Manage Public Key Infrastructure Keys for system identification and authentication, System Administration
• Administer web applications, including SharePoint and Milsuite, including the full scope of system lifecycle management, such as User Administration, Knowledge Management, and Risk Management
• Manage Website content, including a Website Management Plan and associated project schedules
• Administer and troubleshoot network interfaces, including Virtual Private Network (VPN) connections
• Document Problem Status Reports / After Action Reports to identify root cause and facilitate continuous process improvement
• Prepare Disaster Recovery (DR)/Continuity of Operations Plan (COOP) to mitigate system outages and ensure availability
• Test DR/COOP actions on an annual basis
• Maintain Access Control Lists (ACLs)s which document all users and privileges
• Prepare and report daily health checklists and conditions on each system

Skills on Resume: 

• Cybersecurity Compliance (Hard Skills)
• System Administration (Hard Skills)
• Risk Management (Hard Skills)
• Disaster Recovery (Hard Skills)
• Access Control (Hard Skills)
• Problem Solving (Soft Skills)
• Process Improvement (Soft Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Create and maintain information security-related documentation
• Implement, maintain, and monitor security controls
• Achieve and maintain Authorization to Operate information systems
• Maintain operational security posture for information systems
• Provide security-related training and guidance to program staff
• Provide supervision and guidance to less experienced members of the Information Awareness team
• Conduct regular audits to ensure systems are operated securely
• Researches, evaluates, tests, communicates, and implements new security software or devices
• Responds to queries and requests for computer security information and reports
• Provide supervision and guidance to less experienced members of the Information Awareness team
• Provides expert knowledge of Navy network systems to include LAN/wide area network, ADNS and ISNS
• Facilitate the operational readiness of the Aegis Ashore Missile Defense System (AAMDS)
• Acts as the technical lead to conduct system administrative and troubleshooting duties
• Provides ISNS and ADNS engineering to ensure ADNS network support is fully integrated into the A3C4I system and interoperable with other ship and shore nodes, as well as AEGIS BMD requirements

Skills on Resume: 

• Information Security (Hard Skills)
• Security Controls (Hard Skills)
• Authorization Management (Hard Skills)
• Operational Security (Hard Skills)
• Audit Compliance (Hard Skills)
• Team Leadership (Soft Skills)
• Technical Troubleshooting (Hard Skills)
• Stakeholder Guidance (Soft Skills)

Job Summary: 

• Develop and implement an active Information Assurance Vulnerability Management (IAVM) Program
• Ensuring the continued compliance with Information Assurance Vulnerability Alerts (IAVA), Bulletins, and Technical advisories throughout the life-cycle of the information systems
• Maintain network integrity by accepting responsibilities in areas of configuration management and control, systems updates and modifications, and systems security
• Develop and maintain a Cyber Security (CS) Program in accordance with DOD, DON, local and NCTAMS LANT CS established policies, requirements, and inherited controls for Information Systems
• Project managed the migration of the Business Continuity planning to a new system
• Liaison within business and support functions to retain ISO22301 certification
• Maintain core ISO 22301 documentation
• Support the Operational Resilience team in its activities including testing and exercising
• Act as the engagement manager for at least two vendors
• Facilitate at least one ISO 27001 surveillance audit and internal audit
• Maintain core ISO 27001 documents, e.g., policies, procedures, ISMS review, SOA, internal audit methodology and scheduling, Corrective Action Workflow, etc.
• Support the information risk team with approvals, questionnaire responses, etc.
• Manage the rollout and tracking of annual eLearning

Skills on Resume: 

• Vulnerability Management (Hard Skills)
• Configuration Management (Hard Skills)
• Cybersecurity Program (Hard Skills)
• Business Continuity (Hard Skills)
• ISO Compliance (Hard Skills)
• Operational Resilience (Soft Skills)
• Vendor Management (Soft Skills)
• Risk Support (Soft Skills)

Job Summary: 

• Own the development of GRC components within the security roadmap, working with Security Operations and Leadership to deliver functional requirements
• Implement a risk management framework to drive decision-making and provide visibility through a clear reporting and consultation process
• Build, deliver, and maintain a policy suite that applies to the platform and adheres to ISO27001
• Provide expertise and consultation on all privacy matters for the platform from a security standpoint
• Develop and lead an assurance program that demonstrates appropriate compliance and supports business audit requirements
• Ensure relevant training and awareness programs are delivered, tracked and continuously developed
• Enable the Siteimprove platform delivery whilst maintaining alignment with the business
• Responsible for all aspects of Information Assurance of the developed and implemented system and providing a single point of contact for this functional area
• Responsible for the identification and analysis of system security, Privacy Act and Information Security requirements
• Design, develop, engineer and implement solutions that meet security requirements
• Provide integration and implementation of the system security solution
• Develop and update documentation to support the security posture of the system

Skills on Resume: 

• GRC Development (Hard Skills)
• Risk Management (Hard Skills)
• Policy Management (Hard Skills)
• Privacy Expertise (Hard Skills)
• Assurance Program (Hard Skills)
• Training Delivery (Soft Skills)
• Security Engineering (Hard Skills)
• Stakeholder Consultation (Soft Skills)

Job Summary: 

• Ensure that the department's information asset register is up to date, accurate and useful
• Work with Information Asset Owners to ensure they understand their responsibilities, provide training, advice and guidance to staff
• Establish a programme of information asset reviews and establish regular reporting to the DRO and other managers in line with internal standards
• Work with technical specialists and the IT supplier to develop an understanding of information and data holdings
• Exploit the O365 toolset to develop IM solutions to support processes
• Develop and maintain information compliance and assurance policies and procedures
• Manages Cyber Security Cell responsibilities and reporting requirements
• Manages and Reviews Engineering and Policy Documents to ensure the appropriate STIGs and Security Policies are considered and reviewed
• Responds to the Technical Analysis and Response Cell TARC concerning open information assurance vulnerability management (IAVM) and Cyber Tasking Orders (CTOs)
• Upkeeps engineering documentation with the EACN ISSM in support of the Risk Management Framework (RMF) Certification and Accreditation (C&A)
• Coordinates with the Network Engineers and Systems administrators to identify, track and resolve viable risks

Skills on Resume: 

• Asset Management (Hard Skills)
• Staff Training (Soft Skills)
• Information Compliance (Hard Skills)
• Policy Development (Hard Skills)
• Cybersecurity Oversight (Hard Skills)
• Risk Management (Hard Skills)
• Collaboration (Soft Skills)
• Technical Analysis (Hard Skills)

Job Summary: 

• Leads the design, development and implementation of programs, procedures and systems for secure facilities
• Ensures facility compliance with requirements for classified information system processing
• Assesses and mitigates system security threats and risks
• Implements security designs in hardware, software, data, and procedures
• Maintains knowledge of applicable policies, regulations, and compliance documents related to classified computing assets and environments
• Review various operating systems such as Windows and Linux, for compliance with the Joint SAP Implementation Guide and standards
• Audits information technology systems
• Ensures periodic self-inspections are conducted
• Leads the recommendation of resource allocation to ensure requirements are met
• Represents the organization as a primary contact with internal and external representatives
• Provides user training and participates in the development of curriculum and course content
• May function in a leadership role by providing direction to Information System Security Officers
• Maintains the strict confidentiality of sensitive information

Skills on Resume: 

• Facility Security (Hard Skills)
• Threat Assessment (Hard Skills)
• Security Design (Hard Skills)
• Regulatory Compliance (Hard Skills)
• System Auditing (Hard Skills)
• Resource Allocation (Soft Skills)
• User Training (Soft Skills)
• Confidentiality Management (Soft Skills)

Job Summary: 

• Lead a team of Information System Security Officers and security analysts for multiple programs across different agencies
• Provide status reports and updates for the SAS team to the appropriate Cybersecurity and Solutions Practice leadership as the need arises
• Ensure team members complete time sheets and annual, quarterly, monthly, and weekly system FISMA and accreditation-related system work on time
• Coordinate, manage and execute projects/assessments/tasks by the respective SAS members
• Ensure that assigned information systems (IS) are operated, maintained, and disposed of in line with approved security policies and practices 
• Serve as a security authority in at least 2 US-based CGI industry sectors, such as healthcare, finance, insurance, energy, or state and local government
• Analyze and design controls to secure on and off-premises private, public, community, and hybrid cloud environments
• Participate in ongoing security-related activities in support of new or existing client contracts
• Coordinate and participate in the preparation of document packages for regulatory submissions from all areas of the company as well as for internal and external audits and inspections
• Analyze business activities and operations for risk and implement and evaluate compliance with business risk-reduction policies, processes and standards
• Assist in assessing and responding to public sector bid solicitations

Skills on Resume: 

• Team Leadership (Soft Skills)
• Project Management (Soft Skills)
• System Compliance (Hard Skills)
• Security Authority (Hard Skills)
• Cloud Security (Hard Skills)
• Regulatory Audits (Hard Skills)
• Risk Analysis (Hard Skills)
• Client Engagement (Soft Skills)

Job Summary: 

• Serve as the principal advisor on all matters, technical and otherwise, involving the security of classified information systems under their purview
• Deliver information security support and design solutions fulfilling customer requirements while adhering to DoD security policies and compliance mandates
• Perform assessments of systems and networks within the networking environment or enclave
• Identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy, which is achieved through passive evaluations, such as compliance audits and active evaluations such as vulnerability assessments
• Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems
• Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections and periodic audits
• Ensures the implementation of the Risk Management Framework (RMF) through the required government policy
• Makes recommendations on process tailoring
• Participates in and documents process activities
• Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards
• Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports
• Document the results of Assessment and Authorization activities and technical or coordination activities 
• Prepare the System Security Plans and update the Plan of Actions and Milestones POA&M
• Periodically conduct a complete review of each system’s audits and monitor corrective actions until all actions are closed
• Manage all IA-related support functions including installation, configuration, troubleshooting, assistance, and/or training, in response to customer requirements for the network enclave

Skills on Resume: 

• Security Advisory (Soft Skills)
• System Assessment (Hard Skills)
• Vulnerability Analysis (Hard Skills)
• Risk Management (Hard Skills)
• Process Control (Hard Skills)
• Compliance Audits (Hard Skills)
• Security Documentation (Hard Skills)
• Customer Support (Soft Skills)

Job Summary: 

• Provide oversight and guidance of IA personnel performing system analysis, looking for patterns of non-compliance
• Ensure appropriate administrative or programmatic actions that minimize security risks and insider threats
• Manage account processes, network rights, and access to Computing Environment (CE), network environment systems and equipment
• Manage the remediation/mitigation of security violations to determine if the network environment has been breached, assess the impact, and preserve the evidence
• Provide oversight and guidance, ensuring systems are properly configured, optimized, and tested, ensuring all policy and technical requirements are met
• Manage all IA-related processes and procedures in the development and implementation of access control lists on routers, firewalls, CE, printing devices, and other network devices
• Assess the performance of IA security controls within the environment
• Develop and implement an effective IS security education, training, and awareness program
• Manage, maintain, and execute the IS continuous monitoring plan
• Identify IA vulnerabilities resulting from a departure from the implementation plan or that were not apparent during testing
• Perform control validation and remediation validation of network servers, routers, and switches to ensure they comply with security policy, procedures, and technical requirements
• Evaluate potential IA security risk and take appropriate corrective and recovery action
• Ensure that hardware, software, data and facility resources are archived, sanitized, or disposed of in a manner consistent with system security plans and requirements
• Provide oversight and guidance to system administrators implementing applicable patches to maintain oversight and validation of all security-related updates, including Cyber Tasking Order compliance

Skills on Resume: 

• System Oversight (Soft Skills)
• Threat Mitigation (Hard Skills)
• Access Management (Hard Skills)
• Incident Response (Hard Skills)
• Configuration Management (Hard Skills)
• Security Training (Soft Skills)
• Continuous Monitoring (Hard Skills)
• Control Validation (Hard Skills)

Job Summary: 

• Identifying and analysing cybersecurity risks and providing advice to risk owners
• Conducting assurance reviews against standards-based compliance requirements
• Conducting Privacy Impact Assessments
• Managing continuous assurance lifecycle processes within operational environments
• Producing assurance evidence and reports for stakeholders
• Producing and implementing cybersecurity policies
• Evaluating the business impact of security incidents
• Providing advice and guidance on meeting security-related statutory and regulatory requirements
• Assessing security control designs and configurations for effectiveness in risk management
• Developing trusted relationships with security stakeholders
• Implement and maintain security policies and processes
• Managing the delivery of security assurance services for projects
• Analysing security industry trends

Skills on Resume: 

• Cybersecurity Risk (Hard Skills)
• Compliance Reviews (Hard Skills)
• Privacy Assessment (Hard Skills)
• Policy Implementation (Hard Skills)
• Incident Evaluation (Hard Skills)
• Risk Management (Hard Skills)
• Stakeholder Relations (Soft Skills)
• Industry Analysis (Hard Skills)