Titus Cybersecurity Specialist III

REQUIRED:

TO BE CONSIDERED FOR THIS POSITION YOU MUST HAVE AN ACTIVE TS/SCI W/ FULL SCOPE POLYGRAPH SECURITY CLEARANCE (U.S. CITIZENSHIP REQUIRED)

Cyber Security Expert with Government RMF Process and ATO Documentation Expertise. We are seeking a highly skilled and experienced Cyber Security Expert who possesses a deep understanding of the government Risk Management Framework (RMF) process and Authorization to Operate (ATO) documentation and process.

The successful candidate will play a crucial role in ensuring the security and compliance of our digital systems, networks, and data. Candidate will be required to be onsite 3 days/week Responsibilities: 1. Lead and oversee the implementation of the government RMF process for our organization. 2.

Develop, review, and update ATO documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plan of Actions and Milestones (POA&Ms). 3. Conduct security assessments and vulnerability scans to identify and mitigate potential risks and vulnerabilities. 4. Collaborate with cross-functional teams to ensure compliance with security policies, standards, and guidelines. 5.

Provide guidance and support in the design and implementation of security controls and measures. 6. Stay updated with the latest cyber threats, vulnerabilities, and industry best practices to enhance the organization's security posture. 7. Assist in incident response and conduct forensic analysis when necessary. 8.

Conduct security awareness training and promote a culture of security within the organization. Requirements: 1. Bachelor's degree in Computer Science, Information Security, or a related field.

Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable. 2. Proven experience in implementing the government RMF process and preparing ATO documentation. 3. In-depth knowledge of security frameworks, standards, and guidelines (e.g., NIST SP 800-53, FISMA, FedRAMP). 4.

Strong understanding of network and system security principles, protocols, and technologies. 5. Experience with security assessment tools, vulnerability scanners, and penetration testing techniques. 6. Familiarity with incident response procedures and analysis. 7.

Excellent communication skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. 8. Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks. The Cybersecurity Specialist III is responsible for conducting threat and risk analysis and analyzing the operational impact of new and existing systems and technologies to eliminate risk, performance, and capacity issues.

The Cybersecurity Specialist III implements vulnerability assessments and configures audits of operating systems, web servers, and databases; and detects patterns, unsecure features, and malicious activities in the infrastructure. The Cybersecurity Specialist III performs research, testing, evaluation, and deployment of security technology and procedures and runs diagnostics on changes to data to verify undetected breaches. The Cybersecurity Specialist III develops custom systems for specialized security features and procedures for software systems, networks, data centers, and hardware.

The Cybersecurity Specialist III develops and implements information security standards, guidelines, and procedures and develops firewalls to secure the network infrastructure. The Cybersecurity Specialist III maintains an awareness of new intrusion methods and develops Protection Plans. The Cybersecurity Specialist III conducts counteractive protocols and reports incidents.

The Cybersecurity Specialist III offers customized risk ratings for vulnerabilities based on company policies and maintains IT security controls documentation. The Cybersecurity Specialist III manages relationships, and coordinates with customers and service providers while providing customized security assessments, implementing security policies, designing security training materials, organizing training sessions, providing technical support, and communicating security policies and procedures. 

Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.

Hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, FPC), and other attack artifacts in support of incident investigations.

Experience with vulnerability scanning solutions.

Familiarity with the DoD Information Assurance Vulnerability Management Program.

Proficiency with any of the following: Anti-virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.

Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent.
5 years of position-relevant work experience.

A candidate holding a relevant Master’s degree may be granted 2 years’ experience credit for that extra education.

A candidate holding a relevant PhD degree may be granted 4 years’ experience credit for that extra education.

HS and 13 years of experience; Associates and 11 years of experience