Clearance: TS clearance with SCI eligibility is required.
Responsibility:
- Develops and maintains an Information System (IS) security program and policies for an assigned area of responsibility.
- Develops and oversees operational IS security implementation policy and guidelines.
- Monitors all available resources that provide warnings of system vulnerabilities and security compliance deficiencies.
- Monitors system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
- Supports security assessments, tests, and reviews, and ensures proper measures are taken when an IS incident or vulnerability affecting secure systems or information is discovered.
- Ensures that configuration management policies and procedures for authorizing the use of hardware and software are followed.
- Ensures systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the System Security Plan (SSP).
- Develops and updates the SSP, manages and controls changes to the system, and assesses the security impact of those changes.
- Ensures user activity monitoring data is analysed, stored, and protected in accordance with the IS policies and procedures.
- Develops and maintains POA&Ms to help manage resolution of IS weaknesses, coordinate resources and timelines for corrective actions, and address mitigation actions.
- Ensures all users have the requisite security clearances and authorization and are aware of their security responsibilities.
- Assists in approved secure data transfer between systems.
Job Details:
- Assist and support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
- Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
- Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
- Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stakeholders. Recognize a possible security violation and take appropriate action to report the incident, as required.
- Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.
- Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures.
- Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
- Lead and align information technology (IT) security priorities with the security strategy.
- Prepare for and participate in periodic organization compliance assessments. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Education and Certifications:
- BS degree is preferred but not required
- Security Plus is the minimum 8570 certification requirement. Candidate must have and maintain this certification.
Job Type: Full-time
Pay: $90.00 - $100.00 per hour
Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
- Vision insurance
Compensation package:
- Bonus opportunities
- Holiday pay
- Hourly pay
- Overtime pay
- Semiannual bonus
Experience level:
Schedule:
- 8 hour shift
- Day shift
- Monday to Friday
- No weekends
License/Certification:
- DoD 8570 (Preferred)
- Certified Information Systems Auditor (Preferred)
Ability to Commute:
- Lexington, MA 02421 (Preferred)
Ability to Relocate:
- Lexington, MA 02421: Relocate before starting work (Required)
Work Location: In person