14 Feb Senior Cybersecurity Analyst Engineer
Position Title and Description: Senior Cybersecurity Analyst Engineer
Crucible Criminal Justice Programs (CCJP) is in search of a motivated, self-driven Senior Cybersecurity Analyst Engineer who works well independently, and is interested in working with Major Automated Information Systems (MAIS). Applicants must have a passion for their work, be innovative, and possess strong verbal and written communication and analytic skills. Candidates are expected to be focused and solution-oriented individuals. They must have experience with Department of Defense (DoD) and/or Department of Homeland Security (DHS) cybersecurity requirements and processes and the evaluation of network security using approved tools and best industry practices. If you are interested in having a direct impact on matters dealing with homeland and national security, this position is for you!
Under the guidance of the program manager, the Senior Cybersecurity Analyst Engineer leads the evaluation of network cybersecurity for major software systems. This individual leverages expertise in cybersecurity to plan and prioritize tasks, to coordinate government participation in cybersecurity test events, to oversee testing, and to analyze test results. The Senior Cybersecurity Analyst Engineer prepares reports of test results to include summaries of demonstration events, final test reports, and makes recommendations to improve cybersecurity.
Responsibilities and Duties:
- Support cybersecurity testing activities as directed and provide quality deliverables
- Develop the Cybersecurity Operational Test and Evaluation (OT&E) Strategy
- Review the Test and Evaluation Master Plan (TEMP) and provide comments on the planned approach to cybersecurity testing
- Identify measures and test methods for cybersecurity testing for inclusion in the TEMP and the Cybersecurity Test Plan
- Develop resource requirements to support cybersecurity testing
- Develop detailed test scripts to guide cybersecurity test events
- Coordinate resources and oversee cybersecurity testing
- Collect, reduce, analyze and archive cybersecurity test data
- Prepare reports summarizing results of cybersecurity testing
- Serve as the Senior Subject Matter Expert for cybersecurity testing
- Work in a cross-functional environment and with multiple internal and external stakeholders, coordinating, communicating and implementing customer requirements
- Demonstrate proficiency with Microsoft Office suite, MS Access and Excel, etc.
- Employ excellent written and verbal communication skills
Education: A bachelor’s degree in Information Technology or related field.
Experience: Must have at least 10 years of combined professional experience relevant to cybersecurity for DoD and /or DHS Security Networks, ideally as an IT Security Engineer, CISO, CIO, ISSM, ISSO or similar. A portion of this experience may be satisfied by experience in IT System Administration, software development, administration of a logistics management information system, participation in disaster response operations and/or oversight of computer network defense. Must exhibit a high degree of initiative and critical thinking skills in order to manage multiple priorities simultaneously in a fast-paced, deadline-driven, detail-oriented work environment. Must possess strong analytical, oral and written communication, and interpersonal skills. Be an excellent technical writer with the ability to develop reports and graphs based on the data analysis. Strong Microsoft Access, Excel, Word, and PowerPoint skills and knowledge of software tools for penetration testing are a must.
- CISSP (preferred)
- Knowledge of current DoD and/or DHS guidance for cybersecurity testing.
- Knowledge of capabilities and procedures for use of cybersecurity ranges, labs and other resources.
- Knowledge the Risk Management Framework (RMF) for cybersecurity
- Ability to evaluate and assess Security Plans, Security Assessment Plans, Cybersecurity Strategy, Program Protection Plan, Security Assessment Reports, RMF Plan of Action and Milestones, Security Authorization Package and Authorization Decision.
- Ability to develop a strategy and budget resources for cybersecurity assessments and authorization in a mission environment with a representative threat capability.
- Ability to deliver cybersecurity portions of the TEMP. The TEMP should detail how testing will provide the information needed to assess cybersecurity and inform acquisition decisions.
- Ability to develop test plans for cybersecurity testing in OT&E. This includes evaluation of capability to protect, detect, react and restore to sustain continuity of operations. Events should integrate RMF security control assessments with tests of commonly exploited and emerging vulnerabilities early in the acquisition lifecycle.
- Ability to plan and execute vulnerability and adversarial testing.
- Ability to develop an Integrated Evaluation Framework.
- Ability to prepare executive briefs summarizing cybersecurity testing plans, progress and results.
Location: Telework, Norfolk, VA and/or Washington, DC.
Citizenship and Security Clearance Requirements: Applicants must have a US citizenship. A current DoD SECRET clearance or DHS Suitability is desired. Successful applicants will need to successfully complete a background investigation (BI) prior to beginning work. Nothing in applicants’ history should prevent them from obtaining a security clearance.
Availability: This is a contingency position.
Contact: Steve Vigus, Business Development Manager, firstname.lastname@example.org
Crucible Criminal Justice Programs (CCJP), is a highly-specialized provider of technology, engineering, security solutions and other demanding technical requirements in the national security and mission-support operational space. We serve the full range of federal stakeholders and industry partners with a security cleared workforce, delivering a wide range of integrated professional and engineering services in support of national security and law enforcement missions. CCJP is a Virginia-based Small Business and is a wholly-owned subsidiary of Garud Technology Services, Inc.