Cyber Subject Matter Expert

Fairwinds Technologies is looking for a Cyber Subject Matter Expert (C SME) who will support a wide range of Cyber responsibilities. The C SME will be responsible for initiating and maintaining program System Security Plans, RMF, IT procedures, and continuously monitoring and maintaining a consistent system program security posture. The C SME will also demonstrate extensive knowledge, experience, and expertise in the areas of; cyber risk, compliance, and acquisition activities in support of DoD cybersecurity policies and objectives.

Location: ON-SITE, Aberdeen Proving Ground, Maryland.

Required Qualifications:

• Bachelor’s degree in cybersecurity, information assurance, computer science or a related technical discipline
• 14 years’ experience conducting Cyber Analysis or Cyber Operations
• 7 years’ experience with DoD telecommunications policies and procedures
• 7 years' experience with security-centric data sets
• Active Secret DoD Clearance
• Detailed knowledge of a Risk Management Framework (NIST RMF, NIST CSF)
• Demonstrated experience installing, managing, and operating continuous monitoring support solutions including development of metrics for reporting and auditing
• RF background, or a basic understanding of satellite communications
• Familiarity with USG DI-MGMT-82191
• Familiarity with the Federal Information Security Management Act (FISMA)
• Certified in accordance with the baseline certification, as stipulated in DoD 8570.01-M (Ch4)
• Demonstrated experience participating or leading technical exchange meetings and documenting action items or results

Desired Certifications:

• CompTIA Advanced Security Practitioner (CASP )
• Comp TIA security ce
• Cisco Certified Network Professional Enterprise (CCNP)
• Cisco Certified Specialist – Enterprise design

Responsibilities:

• Support the formal Security Test and Evaluation (ST&E) required by program stakeholders through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports
• Provide RMF SME support in the form of stakeholder training and briefs, on progress, hurdles, and roadblocks as they arise.
• Measures program compliance with cybersecurity requirements and recommends cybersecurity program operational execution activities, processes, and practices
• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• Support & maintain an Accreditations and Expiration Dates Record on upcoming expiration of accreditations in addition to RMF-related tasks using RMF management platforms
• Provide guidance, support, testing, and recommendations to ensure secure application release.
• Configure, run, and monitor automated security testing tools
• Assists in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews
• Apply upgrades and patches as necessary to maintain system security and compliance.
• Provides comprehensive analysis of available system security information to identify activity on customer networks and systems; detects, analyzes, and recommends mitigations regarding cyber threats to the customer networks and systems; incorporates multiple alternative sources of information
• Provides cybersecurity awareness feedback and recommendations on how to improve networks and systems that are currently deployed or under development by the customer, including information related to timelines of incidents and their impacts
• Reviews threat activities based on available sources of information and then identifies/correlates events and activities; supports ongoing processing of each activity
• Development of dashboards and reports to support the program’s oversight and measures of its cyber assets and platforms
• Responsible for the creation and maintenance of the program’s Cyber Security Vulnerability Report, DI-MGMT-82191
• Ensures program compliance with USG memorandum titled, “Cyber Security in Army Acquisition Programs”

Position Type/Expected Hours of Work

• This is a full time, exempt position.

Work Authorization/Security Clearance

• Must be a U.S citizen with the ability to possess a valid US DoD security clearance.

AAP/EEO Statement

Fairwinds Technologies, LLC is an Equal Opportunity Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity