Cyber Incident Management Specialist

  • Full-Time
  • Fort Belvoir, VA
  • Chenega MIOS
  • Posted 2 years ago – Accepting applications
Job Description

Summary

The Cyber Incident Management Specialist will provide cybersecurity for the development of software applications using Software Security principles and adhering to DoD IA and IT Standards for all Defense Stockpile Management System (DSMS) systems. They will investigate, analyze, and respond to cyber incidents within the network environment or enclave.

Responsibilities

  • Provide dedicated host-based security system administration and documentation support related to McAfee ePolicy Orchestrator (ePO), including knowledge of Host Intrusion Prevention System (HIPS), Data Loss Prevention (DLP), Rogue System Detection (RSD), Policy Auditor (PA), and Virus Scan Enterprise (VSE).
  • Coordinate with other DSMS program teams, planning and creating cybersecurity architecture and design documents for all DSMS cybersecurity architecture ensuring it is compliant with DoD and other Federal IA policies and guidance.
  • Employ best practices when implementing security controls within an IS including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
  • Develop cybersecurity architecture and design plans for communication and collaboration products, operating system platforms including servers, devices, management products, applications, and overall security related to implementing these products.
  • Provide security engineering support for accreditation of DSMS.
  • Integrate cybersecurity expertise into lifecycle management, planning architecture and design management, migration and deployment, and system testing and implementation.
  • Research, develop test, and document architectures and solutions for implementing new cybersecurity technologies to provide more seamless information collaboration and cybersecurity capabilities for the program and its user base.
  • Develop and provide a criticality analysis of logic-bearing system components (e.g., hardware, firmware, and software) implementing, protecting, or introducing vulnerability(s) to each function.
  • Develop and update mission criticality analysis(-es), vulnerability assessment(s), risk assessments(s), and identification and counter measurement implementation(s) for Mission- Critical Functions; ensuring updated assumptions, rationale, and results related to the criticality analyses, vulnerability assessments, risk assessments, supply chain risk information, and risk mitigations are made available for Government review.
  • Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
  • Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
  • Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
  • Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards
  • Identify security risks and exposures.
  • Determine the causes of security violations, and suggest procedures to halt future incidents and improve security.
  • Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks, or leaks.
  • Provides guidance and leadership to less-experienced cybersecurity personnel.
  • Other duties as assgned.

Qualifications

  • B.S. degree in related field, like Computer Science, Data Processing, or Information Systems
  • Additional education, certification, training or work experience can be substituted in lieu of degree
  • 5+ years of Cyber related experience
  • Must have IASAE Level II Certificate such as CISSP, CASP-CE+, CSSLP, or CCSP
  • Must be able to pass background check
  • The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief

Knowledge, Skills and Abilities:

  • Advanced skills in problem-solving
  • Good work ethic and active desire to learn
  • Skillful time management and organizational skills to set and meet deadlines
  • Excellent written and oral communication skills
  • Ability to work both independently and within a team
  • Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement
  • Ability to meet minimum clearance requirements

\#Chenega Technical Innovations, LLC

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program

Apply to this Job