aXseum Inc. seeks a highly motivated and experienced Cyber Incident Management Specialist to support a Defense Threat Reduction Agency (DTRA) mission in Fort Belvoir, VA and Albuquerque, NM. This position will support the Defense Stockpile Management Systems (DSMS) which includes: Defense Integration and Management of Nuclear Data Services (DIAMONDS), Joint Application Design Environment (JADE), Nuclear Inventory Management and Cataloging System (NIMACS), Government Acceptance Testing (GAT), and DIAMONDS Accountability Training System (DATS).

Job Description Summary:

The Cyber Incident Management specialist will provide cybersecurity for the development of software application using Software Security principles and adhering to DoD IA and IT Standards for all Defense Stockpile Management System (DSMS) systems. Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

Essential Duties and Responsibilities: 

1. Provides dedicated Host based security system administration and documentation support related to McAfee ePolicy Orchestrator (ePO), including knowledge of Host Intrusion Prevention System (HIPS), Data Loss Prevention (DLP), Rogue System Detection (RSD), Policy Auditor (PA), and Virus Scan Enterprise (VSE).
2. Coordinates with other DSMS program teams, plans and creates cybersecurity architecture and designs documents for all DSMS cybersecurity architecture ensuring it is compliant with DoD and other Federal IA policies and guidance.
3. Employs best practices when implementing security controls within an IS including software engineering methodologies, system/security engineering principle, secure design, secure architecture and secure coding techniques.
4. Develops cybersecurity architecture and design plans for communication and collaboration products, operating system platforms including servers, devices, management products, applications and overall security related to implementing these products.
5. Provides security engineering support for accreditation of DSMS.
6. Integrates cybersecurity expertise into lifecycle management, plans architecture and design management, migration and deployment, and system testing and implementation.
7. Researches, develops, tests and documents architectures and solutions for implementing new cybersecurity technologies to provide more seamless information collaboration and cybersecurity capabilities for the program and its user base.
8. Develops and provides a criticality analysis of logic-bearing system components (e.g., hardware, firmware, and software) implementing, protecting, or introducing vulnerability(s) to each function.
9. Develops and updates mission criticality analysis(-es), vulnerability assessment(s), risk assessments(s), and identification and counter measurement implementation(s) for Mission- Critical Functions; ensuring updated assumptions, rationale and results related to the criticality analyses, vulnerability assessments, risk assessments, supply chain risk information, and risk mitigations are made available for Government review.
10. Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
11. Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
12. Evaluates, tests, recommends, coordinates, monitors and maintains cybersecurity policies, procedures and systems, including access management for hardware, firmware and software
13. Ensures that cybersecurity plans, controls, processes, standards, policies and procedures are aligned with cybersecurity standards
14. Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
15. Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
16. Provides guidance and leadership to less-experienced cybersecurity personnel.

Required Knowledge, Skills, and Abilities: 

1. Advanced degree of analytical ability.
2. Advanced skills in problem solving.
3. Ability to communicate effectively both orally and in writing.

Minimum Education and Experience: 

1. BA/BS in Computer Science or related field and 5 years of Cyber related experience. (Additional education, certification, training or work experience can be substituted in lieu of degree)
2. IASAE Level II Certification Required (CISSP, CASP-CE, CSSLP or CCSP)

aXseum Inc. and its subcontractors shall abide by the requirements of 41CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, protected veteran status or disability.