Job Title: Specialist, Cyber Intelligence
Job Code: 18914
Job Location: Palm Bay, FL
Job Description:
Performs vulnerability and network mapping scans under the guidance of the Information System Security Manager (ISSM) on assigned government-authorized systems. Will be responsible for performing scans of assigned information systems, including vulnerability, network detection and mapping, and controlled interfaces. The candidate must be knowledgeable on a variety of scanning tools, including Rapid 7 Nexpose, NMAP, and Nipper, or similar security tools . Additionally, the ISSO must be able to create and interpret scan reports and recommend prioritized remediation plans. Ability to script and develop parsing tools preferred, such as BASH script, Python, PowerShell script, etc. Other ISSO responsibilities include may include: authoring and maintaining documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF) under the ICD503, JSIG and NISPOM; performing security control assessments as part of the systems’ Continuous Monitoring Plan; overseeing configuration management of assigned systems; working with IT organization to develop device and system hardening guides following DISA and NIST guidelines; auditing systems to ensure security posture integrity; conduct periodic hardware/software inventory assessments; identifying system security controls shortcomings and developing POA&Ms; remediating control deficiencies; conducting, documenting and reporting annual self-assessments; maintaining operational information security posture for a system, program, or enclave; assist with investigating security incidents such as data spills, data integrity infractions, and malicious events; authoring and delivering security education and training to a range of audiences , as needed.
Essential Functions:
- Configure scan engines for vulnerability, network detection and mapping, and controlled interface scans
- Execute scans, generate reports, interpret results, and recommend remediation plans
- Provide any requested Assessment & Authorization (A&A) documentation of assigned systems as applicable
- Execute Continuous Monitoring Plans
- Interface with system managers and Information Technology (IT) personnel to track and resolve identified vulnerabilities
- Create, maintain, and update documentation
- Develop new concepts or standards which make significant and impactful improvements to processes, systems, solutions, or products
Qualifications:
- Bachelor's degree (Bachelor's or Graduate degree in Cybersecurity or a related discipline from an accredited college is preferred)
- Active Top Secret security clearance with SCI
- Current counterintelligence (CI) polygraph investigation or willingness to submit to a CI polygraph
- Security+ CE or equivalent certification
- Minimum 4 years of prior relevant experience to include experience with networking equipment; experience running vulnerability scans and interpreting results (e.g. Nessus, Assured Compliance Assessment Solution [ACAS], Rapid7 Nexpose, NMAP, etc.)
- Experience as an ISSO managing cybersecurity on classified systems under multiple agencies’ JSIG, NISPOM Ch8, ICD 503, and/or NIST 800-53 implementations
- Experience developing, managing, and providing evidence to close POA&Ms associated with the A&A and project management processes
- Experience with diverse workstation and server operating systems, including, but not limited to, Microsoft and Linux
Preferred Additional Skills:
- Certified Information System Security Professional (ISC2 CISSP) or equivalent certification
- Flexibility to adjust to changing requirements, schedules, and priorities
- Able to socialize ideas, make recommendations, and gain team consensus
- Excellent time management and task prioritization skills
- Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills
- Ability work in a team environment
- Ability to script and develop parsing tools, such as BASH script, Python, PowerShell script, etc.
