Great client looking for an IT Security Specialist/Program Manager. Must be US Citizen and able to get a DOD Clearance.
We are currently looking for a Senior IT Security Specialist/Program Manager to support the Chief Information Security Officer (CISO) and appointed representatives with identifying accredited system security controls and boundaries, establishing procedures and resources for verifying their effectiveness and scheduling the verification activities at the Department of Homeland Security (DHS). In the execution phase, responsibilities will include verifying that the system security controls are implemented correctly and are producing the desired outcome. In addition, the candidate will act as the Program Manager to provide administrative staff management as well as technical direction and guidance to all team members including scheduling, delegation of duties and responsibilities, development and review of all test plans, test cases and test results.
Duties include but are not limited to:
Perform Security Assessments and Technical Security Reviews (TSR) for classified and unclassified systems;
Ensure adherence to the DHS/CBP Systems Engineering Lifecycle (SELC) and Change Management (CM) principles;
Develop and update testing procedures, Rules of Engagement (RoE) and security assessment scripts;
Select and configure vulnerability assessment tools;
Ensure that all ST&E activities conform to prescribed agency standards;
Provide advice to team members on problems;
Ensure that all time schedules are met;
Prepare ad hoc progress and/or management reports as required;
Ensure that all deliverables are on or ahead of time;
Prepare and deliver presentations to colleagues, subordinates, and government representatives as required;
Identify security risks, threats and vulnerabilities;
Use NIST SP800-53 (Rev 3 and 4) and DHS 4300A/B controls;
Review security controls using manual processes and automated tools;
Analyze scan results to validate findings and identify false positives;
Review Security Plans, Perform Risk Analysis and Develop Security Assessment Reports (SAR);
Work with ISSOs and System Owners on the assessment of systems under test.
Be able to obtain DHS/CBP Clearance
B.S. from an accredited institution in a Technical or Engineering related discipline or relevant experience can be substituted in lieu of a degree.
8 years of experience in IT Security with relevant security assessment planning and execution including use of automated assessment tools and 4+ years as a Program Manager or Project Lead supporting government contracts
In-depth knowledge of and experience in applying: OMB, DHS 4300A/B, FIPS, NIST SP-800 series standards; related Federal IT security mandates and best practices; and agency specific policies and directives derived from such
Excellent written and verbal communication skills
Excellent interpersonal skills
Program Management experience
Active Secret, Top Secret or DHS Clearance
DHS Agency or other Component experience
CISSP, CISA or GIAC Certification
Master’s Degree in a Technical or Engineering related field
Telos Xacta IA Manager experience, (Nessus, AppDetective, WebInspect, Core Impact, etc…)