Kingfisher Systems, Inc. Washington, DC 20147
Posted 3 weeks ago
The position is hybrid-remote to DC Metro area only
Cybersecurity Specialist Junior
Kingfisher Systems, Inc. (Kingfisher) specializes in providing a full range of Information Technology, Cybersecurity, Intelligence, and support services to the U.S. Government. Kingfisher's core competency is technology-enabled services with a specific focus on national security. Since 2005 Kingfisher has established itself as a recognized and trusted partner whose mission is safeguarding sensitive information, operations, and programs for our Federal customers and U.S. warfighters.
Responsibilities
Kingfisher is seeking a Cybersecurity Specialist Junior.
The Cybersecurity Specialist
Government customer information systems are considered to be in one of three states of System Authorization: Initial Authorization, Reauthorization, or Continuous Monitoring Assessment (CMA), also known as ongoing authorization. The Information Systems Specialist/Mid-Level must conduct comprehensive security assessments to yield a clear understanding of security status and of risk to operations and to executing the mission.
Authorization Official and Authorization Official Designated Representative
System Owner,
Information System Security Officer,
Privacy Officer,
Application/System Administrator,
Common Controls Provider (CCP), or
Cloud Service Provider (CSP).
FedRAMP access to packages will be approved (as required) to ensure the accuracy of information and notification of the assessment schedule.
Cybersecurity Specialist
Required Qualifications
Skilled cybersecurity professional with a keen understanding of technology, including but not limited to applications, databases, networking and architecture, to support adequate security and remediation planning activities.
Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
Experience developing and delivering System Security Plan(s) in CSAM.
Experience in application and system continuity and risk strategies.
Experience in network firewall, data loss prevention, network intrusion detection systems, and intrusion prevention systems.
Experience in Operating Systems and systems services (Windows Server, Linux/Unix and Active Directory).
Ability to conduct dynamic web application security testing, both manual testing and utilizing application security tools, to discover exploitable vulnerabilities and interpret results for remediation.
Experience in vulnerability, application and database security assessment, scanning and results interpretation.
Ability to format and configure large documents in Microsoft suites and Adobe PDFs.
Ability to format and configure datasheets and workbooks in the Microsoft suite, e.g., Excel or SharePoint List.
Ability to function effectively in a dynamic, fast-paced environment.
Additional Requirements
Knowledge of applicable laws, statutes, Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
Knowledge of Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
Federal Information Security Management Act (FISMA) of 2014
Clinger-Cohen Act of 1996, also known as the Information Technology Management Reform Act of 1996, 40 U.S.C. § 1401 et seq.
Privacy Act of 1974, 5 U.S.C. § 552a, as amended.
Office of Management and Budget (OMB) Circular A-130, Management of Federal Information Resources, and Appendix III, Security of Federal Automated Information Systems, as amended.
OMB Memorandum M-04-04, E-Authentication Guidance for Federal Agencies.
National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) Publication (PUB) 140, Security Requirements for Cryptographic Modules.
NIST FIPS PUB 199, Standards for Security Categorization of Federal Information and Information Systems.
NIST FIPS PUB 200, Minimum Security Requirements for Federal Information and Information Systems.
NIST Special Publication 800-18 Rev 1, Guide for Developing Security Plans for Federal Information Systems.
NIST Special Publication 800-30 Rev 1, Guide for Conducting Risk Assessments.
NIST Special Publication 800-53 Rev 4 and 5, Security and Privacy Controls for Federal Information Systems and Organizations.
NIST Special Publication 800-53A Rev 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations.
NIST Special Publication 800-37 Rev 1, Guide for Applying the Risk Management Framework to Federal Information Systems.
NIST Special Publication 800-34 Rev 1, Contingency Planning Guide for Federal Information Systems.
NIST Special Publication 800-47 Rev 1, Managing the Security of Information Exchanges.
Expert experience in Federal Information Security Modernization Act 2014 (FISMA) and federal reporting requirements.
Keen, detailed understanding of all supporting steps of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), and of the Cybersecurity Framework (CSF) and Privacy Act.
Knowledge of Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) Directives and programs, e.g., Continuous Diagnostics and Mitigation (CDM).
Understanding of information assurance, cybersecurity and privacy policies, disciplines and methodologies.
Knowledge of current and emerging cyber technologies.
Knowledge of Application Security Risks (e.g., Open Web Application Security Project and others).
Knowledge of the General Services Administration Federal Risk and Authorization Management Program (FedRAMP), including the process for continuous monitoring.
Understanding of Identity, Credential and Access Management (ICAM) implementation.
Ability to work with customers to assess needs, provide assistance, resolve problems and satisfy expectations; knowledge of products and services.
Understanding of the CSAM application and its reporting and controls management (Common, Hybrid, and System-specific).
Required Certifications: One of the following, at a minimum
Years of Experience:
Degree Requirement:
Minimum Clearance Requirement:
U.S. Citizenship:
Location:
Kingfisher Systems, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.