Are you ready for change? We are looking for the best and brightest cyber security integrators to join our winning and innovative information technology team!
This position will be responsible for conducting document review of Security System Plans (SSP) and System Concept of Operation (CONOP) while working closely with the sponsor and security SMEs to coordinate the planning, scheduling, and testing of projects in the Assessment & Authorization (A&A) process. The candidate would be expected to employ strong technical and organizational skills to coordinate requirements and deliverables with the customer; maintain statistical data; document best practices; schedule and prioritize of tasks; gather inputs; and prepare monthly metrics. Duties could also include but are not limited to, responding to data calls, maintaining oversight for all incoming projects, and providing 503 guidance for IT Authorization.
Additional duties shall include, but not be limited to:
• As the focal point for all new cyber security system registrations and development requests, the candidate shall create, coordinate, support, participate, and communicate the Program Council’s Agenda, meeting minutes, action items, and IPC Chair determinations.
• Prepare security adjudication requests for IPC review and triage.
• Create, draft, and/or review Cyber Security program/security documentation, generate formal documentation, and participate in system and program reviews.
• Review program and security plans to identify inconsistencies / vulnerabilities, ensure impacts are identified, understood, and communicated.
• Manage/update project schedule(s) to ensure coordination and information flow occurs between all programs and organizational managers.
• Develop and monitor sponsor website (Council news and minutes) content to ensure it is up to date and accurate.
• Leverage cyber and project management skills to assure quality products are consistently provided to customers in a timely manner and prepare/schedule any assigned control gate reviews for project teams.
Davis Unlimited Information Technologies, Inc. (DUIT) is a woman owned, minority owned small business information technology consulting company. We have opportunities for advancement and our salaries and benefits are competitive. Check us out on the web at www.duit.us!
We do things differently at DUIT! Contact us to find out how. Together, we can DUIT!
Applicant must have an active security clearance and security background check in order to be considered for this position. If you have already completed a background check/clearance, then that is a plus!
1. A Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline is required.
2. At least three years of demonstrated experience with Information Security principles, issues, and technology.
3. At least three years of demonstrated experience with the life-cycle support in the areas of maintenance, administration, and management.
4. At least three years of demonstrated experience with quality assurance and documentation review.
5. At least two years of demonstrated experience traditional A&A using NIST Special Publications (SPs) including SP800-53 Rev 3 & 4 and SP800-37.
6. At least five years of demonstrated experience with information security policies and guidance, as well as assisting in researching, evaluating and developing relevant security policies and guidance.
1. At least five years of demonstrated experience exhibiting communication skills with senior level management.
2. At least five years of demonstrated experience Microsoft Word, Excel and SharePoint.
3. At least three years of demonstrated on the job working knowledge of cyber security principles for Linux, Windows and virtual platforms.
4. At least five years of demonstrated experience with, and knowledge of, IT security architecture and engineering.
5. At least two years of demonstrated familiarity with the Customer environment (data and voice networks, IT security systems, policies and procedures).
6. Any of the below certifications would be desired:
ISACA Certified Information Systems Auditor (CISA)
SCP Security Certified Network Architect (ISC)
Certified Authorization Professional (CAP)
GIAC Systems and Network Auditor (GSNA)
Certified Information Systems Security Professional (CISSP)
PMI Project Management Professional (PMP) certification
GIAC Security Leadership (GSLC)
ISACA Certified Information Security Manager (CISM)
Relevant hands-on technical certification (e.g., Microsoft MCSE)
ITIL Foundation certification