Cybersecurity Specialist Mid – NSS, Risk Mgmt, and Compliance Lead
Responsibilities
- Update the DHS National Security System and Sensitive System Policies and proposals
- Draft DHS NSS Assessment, compliance and policy support standard operating procedures and playbooks
- Provide analysis report from Cybersecurity Threats and Vulnerabilities Research (both OSINT and other sources)
- Capable of providing security control assessments in accordance with NIST Risk Management Framework and the Committee on National Security Systems (CNSS) guidance and standards, validation of those assessments, and analysis of DHS NSS and other designated systems
- Assist with developing and maintaining formal documented NSS Assessment and Compliance SOPs. SOPs shall provide the operational basis for the DHS NSCD Compliance CONOPS
- Evaluate cyber risk indicators, including those risks stemming from cyber threats and protections that are in place to mitigate those threats (e.g., Common Vulnerabilities and Exposures (CVE), Computer Emergency Readiness Team (CERT), Information Assurance Vulnerability Alert (IAVM), etc.)
- Provide recommendations and produce consistent, comprehensive reports
- Implementation, training, and SOP development and maintenance of implemented solutions
- In-depth analysis to determine trends and patterns of cyber threat information
- Maintain an up-to-date list of Department, component, and relevant cyber-IA POCs on the designated website
- Utilize DHS NSCH authorized compliance tracking system tool to track approvals, compliance activities, and reporting
- Research cyber threats, assess the protections in place to mitigate cyber threats and determine and document the risk associated with the DHS NSS asset in the corresponding Risk Assessment Report
- Keep the DHS CISO and other key stakeholders informed of matters concerning the DHS NSS security posture
- Serve as an advisor to DHS NSCH Government personnel who represent DHS to external Government Agencies and National Security forums and discussions, as they relate to DHS NSS compliance activities
- Conduct weekly/monthly POA&M monitoring and review to ensure mitigation due dates do not expire. Work with the system owners, ISSOs, and other system security representatives to ensure timely POA&M closures.
- Provide analysis and feedback on DHS security artifacts assigned to NSCD, to include but not limited to the Memorandum of Understanding (MOU), Memorandum of Agreement (MOA), and Interconnection Security Agreements (ISA)
Certifications
- At least one of the following:
  - CISSP
  - CAP
  - CompTIA Security+
Qualifications
- Must have a Bachelor’s Degree in Computer Science or related field
- Must have an active Top Secret security clearance
- Must have 4 years of relevant work experience
- Proficient in Microsoft Office and related software
- Ability to meet deadlines and work independently
Location
- This position requires the candidate to come on-site to the facility twice a week (Tuesday & Thursday), and work can be done remotely. The main facility is located in the National Capital Region within the DC Metropolitan area.
Salary
- Salary is based on the number of years of relevant work experience the candidate has.
Please email your resume to our HR Recruiters