Mission Critical Cyber Security/ISSO opportunity - TS/SCI w/ Poly required

Leading Path Consulting

Warrenton, VA

JOB DETAILS
SALARY
$175,000–$250,000
SKILLS
Access Control, Amazon Web Services (AWS), Atlassian JIRA, Auditing, Automation, Bash Scripting, Best Practices, CentOS, Cisco Network Systems, Citrix Product Family, Cloud Computing, Communication Skills, Communications Protocols, Computer Security, Concept of Operations (CONOPS), Configuration Management, Customer Support/Service, Defense in Depth, Documentation, Elasticsearch, Firewalls, Fortune 500 Customers, Government, Government Off-the Shelf (GOTS), HTTP (HyperText Transport Protocol), Hybrid Cloud, Information Technology & Information Systems, Information Technology Consulting, Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, LDAP (Lightweight Directory Access Protocol), Leadership, Management Consulting, Microsoft Windows Azure, Microsoft Windows Operating System, NMap, Nessus, Network Architecture/Engineering, Network Systems, Open Source, Operating Systems, Presentation/Verbal Skills, Python Programming/Scripting Language, Red Hat Linux Operating System, Risk, Risk Analysis, SSH (Secure Shell), Scripting (Scripting Languages), Security Analysis, Security Monitoring, Sensitive Compartmented Information (SCI), Software Patches, Splunk, TCP/IP (Transmission Control Protocol/Internet Protocol), Technical Leadership, Technical Operations, Top Secret Clearance, U.S. National Institute of Standards and Technology (NIST), UDP (User Datagram Protocol), VMWare, Windows PowerShell, Writing Skills
LOCATION
Warrenton, VA
POSTED
3 days ago

Members of the ISSO team support the assessment and authorization (A&A) process for information systems. The successful candidate will have requisite cyber security experience with methods and tools used to improve the security posture of critical systems such as identifying risks, vulnerabilities, anomalies, patching, auditing, automation, security hardening, best practices, and evaluating system changes. In addition, the candidate will collaborate with developers and engineers on projects to create a secure hybrid-cloud environment.

QUALIFICATIONS

Bachelor’s degree in Cybersecurity, IT, or other related technical discipline; or the equivalent combination of education, technical training, or work/military experience

Minimum eight (8) years applied experience or relevant degree plus five (5) years of Cybersecurity expertise with demonstrated ability to successfully shepherd IT projects of varying types through the authorization lifecycle

REQUIRED KNOWLEDGE/SKILLS

Strong verbal and written communication/cooperation within a team context

Supported control implementation assessment and reporting and monitoring processes using cyber security and assessment management systems

Understanding of perimeter controls (firewalls), access control mechanisms, and network architectures

Demonstrated essential understanding of methods for hardening operating systems (e.g., CentOS, RedHat, Windows)

Skilled with and/or demonstrated technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, Rapid7 Nexpose, and IDS/IPS monitoring and alerting

Strong understanding of methodologies for researching and documenting software and hardware vulnerabilities

Experienced working closely with stakeholders, developers, and external teams, including customer security manages (ISSMs), organizational leadership, and key personnel

Applied experience with the customer’s assessment and authorization tracking tools

Knowledgeable regarding Common Control Provider (CCP) requirements and methodology

Demonstrated knowledge and experience with networking topologies and hardware, including commonly used/referenced network devices, IDS and IPS, etc.

Applied experience with open-source and commercial tools and systems such as nmap, Nessus, Rapid7, Splunk, Nipper, Elasticsearch, Jira, Confluence, Cisco, VMware, Citrix, or Trellix, as well as GOTS tools used by the customer

Demonstrated experience with the design and implementation of defense-in-depth solutions

Skilled in cross-team collaboration and effective communication to fulfill specific authorization requirements

Demonstrated skill documenting processes and procedures in CONOPS and system security, contingency, configuration management and other plans

Demonstrated ability to facilitate customer concurrences required for risk-based decisions, especially those requiring waivers

Experience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirement as documented in NIST 800-53 and its revisions

Extensive familiarity with communications protocols, such as TCP/IP, UDP, HTTP/S, SSH, LDAP, etc.

Demonstrated experience with security, monitoring and auditing cloud-based technologies, products and services, such as Amazon Web Services (AWS) or Microsoft Azure

Knowledge of the customer's organization, their network systems and infrastructure, processes and procedures, and request and approval tools

Ability to work within fast-paced customer environments

DESIRED SKILLS

Experience in scripting/program languages such as Bash, PowerShell, or Python

Requirements

REQUIRED KNOWLEDGE/SKILLS

Strong verbal and written communication/cooperation within a team context

Supported control implementation assessment and reporting and monitoring processes using cyber security and assessment management systems

Understanding of perimeter controls (firewalls), access control mechanisms, and network architectures

Demonstrated essential understanding of methods for hardening operating systems (e.g., CentOS, RedHat, Windows)

Skilled with and/or demonstrated technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, Rapid7 Nexpose, and IDS/IPS monitoring and alerting

Strong understanding of methodologies for researching and documenting software and hardware vulnerabilities

Experienced working closely with stakeholders, developers, and external teams, including customer security manages (ISSMs), organizational leadership, and key personnel

Applied experience with the customer’s assessment and authorization tracking tools

Knowledgeable regarding Common Control Provider (CCP) requirements and methodology

Demonstrated knowledge and experience with networking topologies and hardware, including commonly used/referenced network devices, IDS and IPS, etc.

Applied experience with open-source and commercial tools and systems such as nmap, Nessus, Rapid7, Splunk, Nipper, Elasticsearch, Jira, Confluence, Cisco, VMware, Citrix, or Trellix, as well as GOTS tools used by the customer

Demonstrated experience with the design and implementation of defense-in-depth solutions

Skilled in cross-team collaboration and effective communication to fulfill specific authorization requirements

Demonstrated skill documenting processes and procedures in CONOPS and system security, contingency, configuration management and other plans

Demonstrated ability to facilitate customer concurrences required for risk-based decisions, especially those requiring waivers

Experience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirement as documented in NIST 800-53 and its revisions

Extensive familiarity with communications protocols, such as TCP/IP, UDP, HTTP/S, SSH, LDAP, etc.

Demonstrated experience with security, monitoring and auditing cloud-based technologies, products and services, such as Amazon Web Services (AWS) or Microsoft Azure

Knowledge of the customer's organization, their network systems and infrastructure, processes and procedures, and request and approval tools

Ability to work within fast-paced customer environments

DESIRED SKILLS

Experience in scripting/program languages such as Bash, PowerShell, or Python

Benefits

Leading Path is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to our government and Fortune 500 clients. We offer a professional and family friendly work environment with a strong work-life balance. Leading Path provides a comprehensive and competitive benefits package including fully paid medical/dental/vision premiums, generous PTO, 11 Paid Holidays, 6% 401K contribution, annual training and tuition reimbursement, SPOT Award bonuses, regular team events, opportunities for professional growth and advancement and much more!

About the Company

L

Leading Path Consulting