Cybersecurity Inspection Team Lead with Security Clearance
Apavo Corp
2024-11-05 08:38:43
Reston, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Title: Cybersecurity Inspection Team Lead
Location: Reston, VA; Washington, DC; Northern Virginia National Capital Region
Clearance: TS/SCI w/CI Poly

This job description outlines the primary responsibilities of the Cybersecurity Inspection Technical Lead. The individual will provide support to inspection capabilities and the development of emerging programs.

The Team Lead is responsible for determining the scope and type of review to accomplish the inspection. This includes identifying the physical, personnel, communications, and information systems requirements to complete the inspection. Additionally, it includes the determination of resources based on scope, coordination of the inspection procedures associated with the inspection type, development of a site report, and any briefings that are required for the completion of the review. In addition, the team lead will ensure that proper security information, protocols, and requirements are provided to the site. The team lead will also ensure all appropriate documentation to close out the review is completed within established timelines, including recommendations for follow-up.

A typical assessment will be accomplished through a review of vulnerability scans assessing compliance with Security Technical Implementation Guides (STIGs), a review of other automated tool-based results such as network mapping and simulation, manual documentation reviews using checklists and guides developed to ensure repeatability and integrity within the inspection, and other sources. Additionally, the Senior Technical Reviewers evaluate administrative factors such as training requirements, standard operating procedures, personnel qualifications, and others. These cybersecurity operational risk assessments will assess mission owners' ability to conduct day-to-day operations, secure and defend their cyber terrain, and ensure they do not represent high risk to the client's enterprise.

Responsibilities:
The team lead is responsible for providing technical oversight and ensuring technical accuracy of all JCIP deliverables. This includes the execution of inspections in supporting the following:
• Assisting in the collection of privileged information regarding the targeted organization.
• Researching open-source information to aid in successful targeting and reporting of risk.
• Coordination with organizational POCs to ensure appropriate scoping of target assets based on mission analysis and decomposition.
• Oversight of multiple technology areas.
• Creating and providing all briefings to the organization (e.g., in-brief, exit-brief).
• Conducting daily hot washes to collect results of inspection and inform key site personnel of ongoing discoveries and issues.
• Resolving issues impacting the collection of required data.
• Providing Quality Control on collected inspection data.
• Oversight and development of final reports and out-briefs.
• Development of training plans, guides, checklists, tool recommendations, and SOPs in coordination with technical SMEs.
• Track and provide status on development/integration plans.
• Development of internal and external risk-based methodologies to inform on organizational risk assessments, compliance, and cyber hygiene.
• Provide routine status updates.
• Provide written Course of Action Recommendations and presentations.
• Ensure milestones are addressed and leadership is aware of the status.
• Preparation and presentation of recommendations and status.
• Have comprehensive knowledge of controls related to the use, processing, storage, and transmission of data.
• Responsible for identification of indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
• Responsible for recognizing, categorizing, and documenting types of vulnerabilities and associated attacks for inclusion in reports.
• Responsible for assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
• Assist in the collection of information regarding targeted organizations (i.e., prior inspection results, and various databases to include accreditation systems of record such as Xacta or eMASS) to understand known/identified risks and vulnerabilities of the target organization/system/location.
• Researching source information to aid in successful targeting and reporting of risk.
• Developing vulnerability test plans to document required compliance-based testing to be conducted against target critical assets during an assessment.
• Utilizing standard tools to assess existing vulnerabilities and discrepancies in a secure configuration.
• Using DoD Security Technical Implementation Guides (STIG) and STIG Viewer tool to record all non-scan technology inspection results.
• Providing details and synopsis of results for inclusion in Final Report and Out-briefs.

Required Knowledge, Skills, and Abilities:
• Strong auditor mentality.
• Must be a self-starter.
• Strong oral and written communicator.
• Understand the importance of process optimization.
• Excellent oral and written communicator.
• Can multi-task effectively and efficiently.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
• Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
• Skill in interpreting vulnerability scanner results to identify vulnerabilities.
• Skill in managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.
• Skill in preparing and presenting briefings.
• Skill in preparing plans and related correspondence.
• Skill in providing analysis to aid in writing phased after-action reports.
• Ability to work unsupervised.
• Ability to collect, verify, and validate test data.
• Ability to work across departments and business units to implement the organization's cyber principles and ability to communicate how to align to security objectives.

Clearance, Education, and Certification Requirements:
• Minimum of eight (8) years' Cyber/Information Assurance experience with a general intermediate knowledge of cybersecurity disciplines: (Risk Management Framework, DevSecOps, CND, cybersecurity engineering, continuous monitoring, customer on-boarding). Must have at least 12 years of experience in management consulting or change management.
• Bachelor's degree or equivalent training and/or experience with a master's degree or advanced training in management consulting.
• Current TS/SCI with CI polygraph clearance required; or the ability to obtain one.
• DoD 8570.01-M Cybersecurity workforce certification, and DoD Directive 8140 Cyberspace Workforce Management, and IAT II.
• Must be willing to travel up to 30%, including local travel to the National Capital Region (NCR).