Cyber Security Specialist

Program Overview

About The Role

Cyber Protection, Assessment and Authorization, and Risk Management Framework (RMF). Provides cybersecurity functional support for assessments, authorizations, and documentation Enterprise-fielded systems managed by NETCOM HQ. Efforts include using the Enterprise Mission Assurance Support Service (eMASS) to record RMF activities such as control implementation of all applicable security controls as identified via information system security categorization in accordance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and Committee on National Security Systems Instructions (CNSSI) 1253. The number of families and controls will vary depending on the security categorization, the application of overlays (privacy, classified, intel, etc.) and any security control tailoring.
• Adhere to the DoD cybersecurity policy requirements set forth in DoDI 8500.01, “Cybersecurity,” and DoDI 8510.01, “Risk Management Framework (RMF) for DoD Information Technology (IT)” and their successors.
• Provide personnel with knowledge in DoD security hardening, collection, and assessment tools (includes: Security Technical Implementation Guide (STIGs); Assured Compliance Assessment Solution (ACAS) SCAP; Nessus; or other currently Government-approved tools) and expertise with security architectures, firewalls, and network access.
• Possess and retain knowledge of the RMF Knowledge Service - the DoD’s official site for enterprise RMF policy and implementation guidelines.
• Review any RMF activities on behalf of NETCOM ensuring adherence to the operational ETPs and Operations Orders hosted on the US Army Component Workspace – Operations tab of the RMF Knowledge Service. The ETPs provide amplifying guidance and process implementation for the Army regarding RMF.

Qualifications

Basic Qualifications:

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Certifications: DCWF Code 722 Advanced: Certified Information Security Manager (CISM) or Certified Information Systems Security Officer (C)ISSO) or Certified Information Systems Security Professional (CISSP) or Federal IT Security Professional-Manager-NG (FITSP-M) or GIAC Certified Incident Handler (GCIH) or GIAC Certified Intrusion Analyst (GCIA) or GIAC Cloud Security Automation (GCSA) or GIAC Global Industrial Cyber Security Professional (GICSP) or GIAC Security Essentials Certification (GSEC) or GIAC Security Leadership Certification (GSLC) or Information Systems Security Management Professional (ISSMP)
• Possess a Secret clearnace with the ability to obtain a Top Secret w/SCI security clearance
• Ability to conduct vulnerability assessments and monitor networks to support test and operational environment requirements.
• Solid understanding of data transport, encryption, networking, IT systems, and cybersecurity fundamentals

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.