- Provide technical expertise for evaluating a wide array of current and new technologies.
- Technologies include, but are not limited to: mobile, cloud, and wireless.
- Draft recommendations for secure implementation in accordance with security configuration standards and industry best practices.
- Review enterprise change requests to ensure their compliance with Departmental policy, technical security countermeasures, and industry best practices.
- Participate in several change review and control boards, providing verbal and written recommendations.
- Promote awareness of security issues among management and ensure sound security principles are reflected in the organizations' visions and goals.
- Conduct research pertaining to the latest security threat vectors and the latest technological advances in combating unauthorized access to information that is necessary in supporting the client to publish incidents, alerts, advisories, and bulletins.
- Ensure that rigorous application of information security/information assurance policies, principles, and practices are implemented in the delivery of all IT services.
- Active Secret clearance with the ability to be cleared to the Top-Secret level
- 4 years of relevant experience and a bachelor's degree in a related field
- 2-3 years' experience analyzing technologies (e.g., Mobile platforms, Cloud Services, Identity and Access Management) for relevant cybersecurity vulnerabilities and developing mitigation strategies
- 1-2 years' experience in enterprise change management processes (e.g., ITIL, change request documentation, NIST SP 800-37 based Security Impact Analysis)
- 2–3 years in enterprise hands-on network administration or engineering focused on core infrastructure implementation and administration
- 2-3 years' hands-on experience with system engineering, analysis, or administration of an enterprise level (10,000+ nodes) network infrastructure, to include routers, switches, servers, and firewalls (e.g., Cisco routers and switches, Windows servers, McAfee, Cisco, or Palo Alto firewalls)
- Solid understanding of firewall rule structure, network protocols, and associated vulnerabilities
- Solid understanding of Active Directory and Windows Servers on an enterprise level
- 2-3 years' hands-on experience with configuration and/or administrating enterprise mobile device deployment
- 2-3 years' experience working with server/application virtualization on an enterprise level
- 1-3 years' experience with configuring/administrating wireless networks
- 1-3 years' experience with configuration and/or administrating VOIP
- 1-3 years' active involvement in FISMA implementation to include the NIST Risk Management Framework (RMF), C&A/A&A, cybersecurity reviews and assessments
- Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), or equivalent certification
- Cisco Certified Network Associate (CCNA)
- Microsoft Certified IT Professional (MCITP) or equivalent certification
- GIAC Certified Perimeter Protection Analyst (GPPA)
- VMware Certified Professional - Cloud (VCP-Cloud)
- Certificate of Cloud Security Knowledge (CCSK) or equivalent certification