Responsibilities:

• Provides objective advice and specialized skills in order to create value, maximize growth or improve performance, resiliency and protection against cybersecurity related threats, vulnerabilities, and other cybersecurity related remediation activities.
• Participates in consulting projects that deliver customer focused results aligned with strategic goals of the Client.
• Facilitates review and analysis of strategic issues and advises regarding implementation of strategy.
• May assist in conducting education classes. May provide support in the following areas: guidance to resolving issues, analysis of trends and issues, development of procedures and processes, oversight of technical implementation and execution of strategic plans.
• Applies specialized knowledge of sensitive system Cybersecurity requirements and Privacy Act requirements.
• Applies specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with NIST’s Risk Management Framework and the Federal Risk and Authorization Management Program (FedRAMP). 
• Applies specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, Federal Information Processing Standards (FIPS, and NIST guidelines
• Applies knowledge of DHS Information Security Policy Directives and Handbooks is preferred.
• Applies knowledge and experience with standard IA concepts, practices, and procedures. Working independently to solve problems quickly and completely.
• Applies specialized experience with three (3) of the four (4) following criteria is required:
  • Vulnerability scanning execution, assessment, and analysis.
  • Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN].)
  • Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies.
  • Application security, database security, and network security.
• Possess ability to assess and weigh current and evolving security threats in an operational environment.
• Possess good oral and written communication skills.
• Team player who can collaborate with multiple stakeholders to arrive at the best solution.
• Relies on extensive experience and judgment to plan and accomplish goals. Works independently to solve problems quickly and completely.

Certification: Possesses one of the following professional security certifications or can be obtained within six (6) months of hire: CISSP, CASP, CISA, CISM, CEH, SSCP, GISP, GSLC.

Education: Candidate must have a Bachelor's Degree and 5 years of experience.

Experience:

For equivalency, 1 year of experience equals 1 year of education.

For equivalency, 1 year of education equals 1 year of experience.

• Varies depending on years of experience.
• Must have 5 years of Cybersecurity experience.
• Must have 5 years of FISMA experience.
• Must be eligible to obtain a DHS Public Trust.