IPKeys Technologies

  • Cybersecurity Senior Manager

    Job Locations US-MD-Annapolis Junction
    Job ID
    2017-1709
    # of Openings
    1
    Education
    • Bachelor's degree in Cybersecurity preferred.
    • Certified Information Systems Security Professional (CISSP)
    • CompTIA Security+ continuing education (SY0-301 or SY0-401)
    Security
    • Qualified candidates must maintain an active DoD Top Secret clearance
    Experience
    • 15 years of experience with cyber security or information assurance
    • Working on transitioning programs from DIACAP to Risk Management Framework (RMF)
    • Applying and validating RMF controls
  • Overview

    IPKeys Technologies is seeking a cybersecurity professional to lead the company’s cybersecurity teams and manage resources across multiple customers and contracts. The Cybersecurity Manager will be responsible for multiple teams supporting the Defense Information Systems Agency (DISA).

    Responsibilities

    • Direct Cybersecurity teams by coordinating and providing guidance to the appropriate team lead.
    • Evaluate security impact and recommend responses to Information Assurance Vulnerability Alert (IAVA) inquiries
    • Oversee the following:
      • Configure lab testing system to comply with STIG (Security Technical Implementation Guide)
      • Maintain the operational configuration information
      • Authentication and Authorization (A&A) engineering support
      • The development of Plan of Action and Milestones (POA&M)
      • Security scanning events
      • Development of mitigation plan recommendations to fix all CAT1 and CAT2 findings
      • Security Test & Evaluation (ST&E)
      • POA&M and documentation in eMASS
      • Update SSAA (System Security Authorization Agreement)
      • Maintenance of laboratory Authority to Operate (ATO)
      • Development of Risk Management Framework Templates and local processes
    • Ensures the rigorous application of cyber security policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services
    • Develop and design security solutions to maintain confidentiality, integrity, and availability of information throughout the enterprise
    • Identifies, plans, and documents improvements to security controls currently in place
    • Develops recommendations and courses of action to solve cyber security problems
    • Develops and interprets cybersecurity requirements as part of the IT acquisition development process and assists in the formulation of cyber security/IT budgets
    • Plans and schedules the installation of new or modified security hardware, operating systems, and software applications
    • Ensures the assessment and implementation of identified computer and network environment fixes such as system patches and fixes associated with specific technical vulnerabilities as part of the Cyber Security Vulnerability Management program
    • Guides the implementation of appropriate operational structures and processes to ensure an effective cyber security program including boundary defense, incident detection and response
    • Contributes to the development of cyber security documentation, concept papers, and test plans required by Command policies, and the Risk Management Framework
    • Brief any major impacts that were identified during testing to the Senior Test Engineer or Government Test Lead
    • Identify hardware, firmware, and software vulnerabilities for every device or system under evaluation and provide recommendations for remediation or mitigation
    • Plan and manage team personnel and resources to meet requirements on multiple contracts
    • Coordinate with contract Program Managers on assets and funding needed to efficiently staff multiple
    • Support company business development by identifying cybersecurity opportunities and customers
    • Perform Level of Effort assessments to provide for proper proposal staffing plans or team staffing recommendations

    Qualifications

    • Ability to conduct vulnerability assessments and analysis on networks, servers, websites, databases, and assist with other assessment activities
    • Ability to plan and perform security controls assessments in accordance with NIST SP 800-53A rev 4, to include interviews, examinations, and technical vulnerability testing
    • Ability to identify organizational security weaknesses in personnel controls, training, incident and emergency response, logical security controls, physical security controls, operational security and with the integrity of software applications and data
    • Expertise with a majority of the following tools:
      • Nmap: Discovery
      • Nipper Studio: Network device configuration review- routers, switches, firewalls
      • WebInspect: Web Application
      • Wireshark: Network Traffic
      • NetSurveyor: Wireless Access Points
      • Burp Suite Pro: Web application
      • Nessus: Network hosts and Compliance checks
    • In-depth knowledge of Federal laws, directives, orders, etc., pertaining to IT security and directing Federal government agencies
    • Ability to assess, review, update and develop documentation to satisfy RMF, NIST, FISMA, and FISCAM support activities for DoD and non-DoD federal agencies
    • knowledge to include but not limited to anti-virus software, backups, microkernels, the principle of least privilege, defense in depth, audit logs, security patches, social engineering, and secure disclosure of vulnerabilities in accordance with the most current DISA approved Security Classification Guides (SCG)

    Experience

    • 15 years of experience with cyber security or information assurance
    • Working on transitioning programs from DIACAP to Risk Management Framework (RMF)
    • Applying and validating RMF controls

    Education

    • Bachelor's degree in Cybersecurity preferred.
    • Certified Information Systems Security Professional (CISSP)
    • CompTIA Security+ continuing education (SY0-301 or SY0-401)

    Security

    • Qualified candidates must maintain an active DoD Top Secret clearance

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed