GovernmentCIO

  • Cybersecurity Specialist, SME

    Job Locations US-DC
    Posted Date 3 months ago(8/14/2018 10:12 AM)
    Job ID
    2018-1467
    # of Openings
    1
    Category
    Information Technology
  • Overview

    GCIO is seeking a well-qualified Cybersecurity Specialist for the Community Oriented Policing Services (COPS) division of the Department of Justice. Performs assessment of present levels of Cybersecurity, defines acceptable levels of risk, trains all personnel in proper cyber hygiene and establishes formal maintenance procedures. Performs privacy impact assessments and provides PII data security and monitoring, migration strategies, and System Privacy Plans for DOJ systems. Identifies potential vulnerabilities to cyber and information security using penetration testing and red teams. Provides technologies for identification, modeling, and predictive analysis of cyber threats.

    Responsibilities

     

    The primary responsibility of the Cybersecurity Specialist is to support the objectives and mission of the COPS Office Cybersecurity Assessment and Networking Management, through oversight of support services that will enhance and expand the ability of the COPS Office to securely build custom software applications in current and potential Virtual Machine and Cloud-hosted environments using secure coding. The Cybersecurity Specialist must effectively plan, administer, and document penetration testing of built and managed applications while rapidly addressing potential vulnerabilities. The Cybersecurity Specialist must also manage mitigations to protect COPS Office applications and networks. This scope may include: multiple cybersecurity tasks to design, develop, acquire, deliver, transition, integrate, configure, test, validate, monitor, document, support, enhance, refresh, and upgrade COPS Office applications as well as networking needs with infrastructure and hosting providers. In compliance with the COPS Office business needs and federal mandates, the work will include support for analysis/verification and monitoring of service performance. The Cybersecurity Specialist shall provide oversight for comprehensive expert cybersecurity and networking support to the CIO by:

     

    • determining the impact of new technologies, software versions, or federal policy changes to application builds, web, networking, and maintenance;
    • determining the impact of new technologies, software versions, or federal policy changes to based tools, virtual, and Cloud environments, in accordance with 508 compliance;
    • conducting meetings, including preparing, documenting, and recording minutes;
    • providing expert analysis and documentation for various analytical efforts focused on COPS Office cybersecurity processes and procedures;
    • reviewing various draft documents and providing timely feedback to federal IT employees and appointed collaborative contractors for COPS Office business, infrastructure, and cloud hosting providers;
    • contributing to the further development, enhancement, and implementation of COPS Office information systems, cybersecurity assessments, communication plans, strategic and tactical goals, and objectives determined by the COPS Office IT federal management;
    • conducting mandated cybersecurity vulnerability scanning and penetration testing identifying potentially exploitable vulnerabilities of COPS Office information systems and applications while devising mitigation strategies and reports;
    • identifying and developing cybersecurity performance management metrics and reporting that includes performance measures, tracking metrics, and trend analysis;
    • generating regular and ad hoc COPS Office cybersecurity dashboards, reports, and/or metrics;
    • recommending development and maintaining monthly, quarterly, and annual FISMA reporting documents in COPS Office required format;
    • attending FISMA working group meetings as assigned by the CISO/ISSO.
    • assisting in researching and compiling FISMA reporting data, artifacts, and points of contact;
    • supporting and preparing documents for submission such as:
    • COPS Office Cybersecurity report templates and audit metrics
    • COPS Office Cybersecurity monthly report
    • COPS Office System Security Plan
    • COPS Office Certification and Accreditation
    • COPS Office Authority to Operate (ATO) and future federally mandated initiatives
    • using COPS Office and agency approved tools, maintaining FISMA documentation, artifact inventory, and Plan of Action & Milestone (POA&M) reports and testing in DOJ required format;
    • preparing FISMA reporting documents monthly, quarterly, and annually as required;
    • reporting on FISMA information systems and submitting POA&M reports monthly;
    • maintaining a tracking system of all COPS Office federal IT and COPS Office Change Control Board (CCB) information and relatable security and IT project-related deliverables (regularly scheduled and ad hoc implementations);
    • contributing to the further development, enhancement, and implementation of COPS Office audit responses to federal ad hoc reporting requirements;
    • updating cybersecurity project charters and project management plans monthly, quarterly, and yearly as required;
    • participating in special projects as required
    • being available 24/7 to respond to system outages; and security incidents;
    • preparing meeting agenda’s, minutes, and diagrams as required by COPS Office CIO and ISSO; and contributing to the further development, enhancement, and implementation of COPS Office and federally mandated compliance initiatives and policies such as but not limited to:
    • Homeland Security Presidential Directive 12 (HSPD-12)
    • Federal Information Processing Standards (FIPS)
    • Federal Information Security Management Act (FISMA)
    • NIST Risk Management Framework (RMF)
    • SP 800-53 and 53A Revision 4 (Security and Privacy Controls)
    • NIST SP 800-137 Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations
    • NIST Security Content Automation Protocol (SCAP) Validated Products
    • Federal Risk and Authorization Management Program (FedRAMP)

    Qualifications

    MINIMUM TANGIBLE QUALIFICATIONS:

    • At least 10 Years of experience and an Advanced degree in Computer Science, Information Systems, Engineering, Business or a scientific or technical discipline related to a specific field, as well as additional applicable certifications related to the position.

     

    PREFERRED QUALIFICATIONS:

    • Certified Information Systems Security Professional (CISSP)
    • Certified Ethical Hacker (CEH)
    • Certified Authorization Professional (CAP)
    • Certified Network Defense Architect (CNDA)
    • Certified Information Systems Auditor (CISA)

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed