Cybersecurity Subject Matter Expert

CYBERSECURITY SUBJECT MATTER EXPERT - LEAD - SECRET / DoD

Location: Ft. Belvoir, VA (Hybrid)

Clearance: Current and active Secret clearance required.

Overview:

• Provides expert support, research and analysis of exceptionally complex problems, and processes relating to them.

• Serves as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation, and alternatives to complex problems.

• Thinks independently and demonstrates exceptional written and oral communications skills.

• Applies advanced technical principles, theories, and concepts.

• Contributes to the development of new principles, concepts, and methodologies.

• Works on unusually complex technical problems and provides highly innovative and ingenious solutions.

• Recommends cybersecurity software tools and assists in the development of software tool requirements and selection criteria to include the development of product specific STIGs from applicable DISA SRGs.

• Works under consultative direction toward predetermined long-range goals and objectives.

• Assignments are often self-initiated.

• Determines and pursues courses of action necessary to obtain desired results.

• Develops advanced technological ideas and guides their development into a final product.

• Expertise is in the area of cybersecurity and evaluations.

Minimum Experience:

• Seven (7) years' experience supporting DoD or Federal Cyber / IT initiatives.

• Five (5) years IA experience

• Three (3) years of experience with DOD Vulnerability Management System

• Bachelor's degree preferred

• DoD 8570.01-M Certification: DFARS Information Assurance Contractor

• IA Technical (IAT)/IA Management (IAM) Level: IAT Level II

• IA Baseline Certification: Attachment 3 DOD 8570 Approved Baseline

• Certifications Full

• CE/OS Certificate: Attachment 4 DLA Approved CS CE List v28 . Certification must be applicable to the Oracle based DAI Application Environment

• DISA FSO certified CCRI Team Lead and certification in penetration testing, such as:

o Licensed Penetration Tester (LPT)
o Certified Expert Penetration Tester (CEPT)
o Certified Ethical Hacker (CEH)
o Global Information Assurance Certification Penetration Tester (GPEN)

• Retina scan analysis

• Operating Systems (Windows, Unix)

• Boundary defense (network policy, router, firewall)

• Internal defense (L2 switch, L3 switch)

• DNS (policy, BIND/Windows)

• HBSS (remote console, AV, ABM, PA, HIPS, ePO)

• Traditional security (Common, Basic, NCV, SCV)

• Wireless communications (BES, handhelds)

• Tenable Certified NESSUS Auditor, IAM level III and IAT level II certifications

• Knowledge and understanding of DOD security regulations, DISA STIGs.

• Strong knowledge of SCAP

• Strong knowledge of RMF

• Excellent knowledge of and proficiency with:

o VULNERATOR
o USCYBERCOM CTO Compliance Program
o Wireless vulnerability assessment
o Web Services (IIS, Apache, Proxy)
o Database (SQL Server, Oracle)
o Email Services (Exchange)
o Vulnerability Scans (NESSUS, SCCM)
o Knowledge of Phishing exercises
o USB Detect
o Physical Security