NOTE 1: You should either already have an active US Government Public Trust background investigation or have the appropriate background to be cleared and be able to wait up to 6 weeks to be cleared after you are selected for the job.
NOTE 2: You must be able to come to Bethesda, Maryland to pick up your badge and your laptop.
NOTE 3: You must be available to work 8 hours from 9am to 5:30pm Eastern with a 30-minute break for lunch.
Responsibilities
1. Monitor information systems, networks, and applications for potential security breaches or incidents. Respond promptly to security alerts, investigate security incidents, and coordinate incident response activities.
2. Research and analyze emerging cybersecurity threats, vulnerabilities, and attack vectors. Stay up-to-date on current cybersecurity trends and developments to proactively identify potential risks to the organization's cybersecurity posture.
3. Conduct vulnerability scanning to identify weaknesses in systems, networks, and applications. Develop and implement remediation plans to address identified vulnerabilities and mitigate security risks.
4. Evaluate existing security architectures, designs, and configurations to identify gaps and weaknesses.
5. Develop, implement, and enforce cybersecurity policies, standards, and procedures based on cybersecurity best practices and Federal regulations. Ensure compliance with relevant cybersecurity frameworks, such as NIST, FedRAMP, or CIS security controls.
6. Facilitate cybersecurity awareness training to educate employees about cybersecurity best practices, policies, and procedures. Promote a culture of security awareness and accountability throughout the organization.
7. Document security incidents, including their root causes, impact, and remediation actions taken. Prepare and present reports on security incidents, trends, and metrics to leadership and stakeholders.
8. Conduct risk assessments to identify and prioritize cybersecurity risks to the organization's assets, systems, and data. Develop risk mitigation strategies and work with stakeholders to implement appropriate controls and safeguards.
9. Contribute to the development and implementation of cybersecurity governance frameworks, strategies, and roadmaps aligned with the organization's business objectives and mission.
10. Review and update security policies, procedures, and guidelines regularly to reflect changes in the threat landscape, technology environment, and Federal requirements.
11. Develop risk mitigation strategies and action plans to address identified cybersecurity risks. This may involve implementing technical controls, process improvements, or policy changes to reduce risk to an acceptable level.
12. Monitor and track the effectiveness of risk mitigation measures over time. Generate regular reports on cybersecurity risk posture, including key risk indicators, risk trends, and areas of concern.
13. Ensure compliance with relevant cybersecurity regulations, standards, and industry best practices. Stay informed about changes to regulatory requirements and assess their impact on the organization's risk profile.
14. Evaluate the cybersecurity risks associated with third-party vendors, suppliers, and partners. Conduct due diligence assessments to ensure that third parties meet the organization's security requirements and standards.
15. Assess the effectiveness of security controls and safeguards implemented across the organization. This may involve conducting security control assessments and vulnerability scans to identify weaknesses and areas for improvement.
16. Participate in business continuity and disaster recovery planning efforts to ensure the organization is prepared to respond to and recover from cybersecurity incidents and other disruptions. Develop and maintain incident response plans, playbooks, and procedures.
17. Communicate cybersecurity risks, vulnerabilities, and mitigation strategies to stakeholders at all levels of the organization. Collaborate with business owners, IT teams, and executive leadership to ensure a common understanding of cybersecurity risks and priorities.
18. Continuously evaluate and refine risk management processes, methodologies, and tools to enhance effectiveness and efficiency. Incorporate lessons learned from security incidents, risk assessments, and compliance audits into ongoing risk management activities.
Qualifications
1. A bachelor's degree in computer science, information technology, cybersecurity, or a related field.
2. Industry-recognized certifications such as CISSP, GIAC, CEH, and CompTIA Security+.
3. 5+ years of experience in cybersecurity, with a focus on risk management, incident response, or security analysis.
4. Experience in security information and event management (SIEM) tools, such as Splunk, ArcSight, or QRadar.
5. Experience with intrusion detection/prevention systems (IDS/IPS), firewalls, antivirus solutions, and endpoint detection and response (EDR) platforms.
6. Knowledge of common cybersecurity frameworks and standards, such as NIST Cybersecurity Framework, NIST 800 Special Publications, FedRAMP, CIS controls.
7. The ability to analyze complex security incidents, identify root causes, and develop effective remediation strategies. Strong critical thinking skills and attention to detail are essential for success in this role.
8. Excellent written and verbal communication skills are necessary to communicate security risks, incidents, and remediation plans to technical and non-technical stakeholders effectively. The ability to collaborate with cross-functional teams and external partners with ease.
9. Experience in leading security projects and initiatives, as well as coaching and developing talent, is needed.
10. Willingness to continuously learn and stay updated on emerging threats, technologies, and best practices is essential.
Job Type: Full-time
Pay: $92,069.00 - $106,000.00 per year
Benefits:
- 401(k)
- Dental insurance
- Employee assistance program
- Flexible schedule
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Retirement plan
- Tuition reimbursement
- Vision insurance
Application Question(s):
- PLEASE ANSWER ALL QUESTIONS: (1) Why are you looking for a new job? If it is because a contract is ending, please provide the exact date when the contract ends. (2) When can you start? (3) What is your visa and citizenship status? (4) What is your desired salary? (5) What days/times, in the next 2 weeks, are you available for video screening? (6) Are you able to work 8:30am to 5:30pm with 1 hour for lunch and break(s)? (7) In which of the following do you have 5+ years of cybersecurity experience: risk management, incident response, or security analysis? (8) Which of the following do you have knowledge of: common cybersecurity frameworks and standards, NIST 800 Special Publications, FedRAMP, CIS controls? (9) If you have an active Public Trust, please advise when your investigation was completed. (10) If you have no active Public Trust, can you wait 4-6 weeks to start, as the investigation takes time?
Experience:
- Cybersecurity: 5 years (Required)
- SIEM tools such as Splunk, ArcSight, or QRadar: 2 years (Required)
- IDS/IPS, firewalls, AV, and endpoint detection and EDR: 2 years (Required)
License/Certification:
- CISSP, GIAC, CEH, or CompTIA Security+ (Required)
Work Location: Remote