This JWICS Cybersecurity Inspection Program Technical Reviewer will play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 rev 5 security controls. Utilizing automated tools, including Tenable and Splunk, these professionals perform documentation reviews, employ checklists and guides to write report and develop a qualitative risk assessment on target organizations. Their assessments examine the mission owners’ critical capabilities and mission impacts if secure operations lack security protections needed to defend their cyber infrastructure and mitigate high-risk vulnerabilities to the enterprise. Beyond inspection duties, Technical Reviewers contribute to maturing organizational processes, training initiatives, and program-wide support through cross-functional collaboration.

The Windows reviewer must be well versed in all sub-components for Windows systems which include Windows Operating Systems (OS), Windows Database Server, Windows Web, Windows Domain Controllers, Windows Exchange, and Windows Workstations. The windows reviewer must have knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

They are responsible for:

• Interacting with leadership and site technical staff in advance of conducting inspections to facilitate scoping, data to support security controls assessment input, and execution of operational inspection plans
• Responsible for interviewing organizational subject matter experts in conducting STIG, SRG, and IC policy checklists
• Collect data in support of reviewing a comprehensive Threat Informed Critical Controls List (TICCL), provide written input on review of required security controls, potential vulnerability exploitation, and how MITRE ATT&CK© techniques are plausibly successful based on organizational weaknesses. Ensure inputs link back to security control
• Participating in the planning, execution, and reporting of security audits and network vulnerability assessments with minimal supervision
• Assisting in preparation of assessment deliverables –Security Risk Assessments input, compliance data, STIG data, etc.
• Communicating on impact of vulnerabilities verbally, through presentations and written deliverables
• Plan, execute, and report on information technology, privacy, and operational reviews to identify mission, privacy, security, compliance, information technology, and regulatory risks
• Familiar with a variety of cybersecurity concepts, practices, and procedures. Relies on extensive experience and judgment to plan and accomplish goals

Qualifications

• Current TS/SCI w/CI Poly security clearance
• Bachelor’s Degree and 12 Minimum as a system administrator for windows systems
• Certification in DoD 8570.01-M Cybersecurity workforce, compliance with DoD Directive 8140 Cyberspace Workforce Management, and IAT Level III.
• Experience working in a DoD or Intelligence Community Environment desired. Ability to develop vulnerability-based vignettes to support cyber tabletop exercises to evaluate effectiveness of protect and detect capabilities.
• Demonstrated ability to operate across departments to implement cybersecurity principles effectively.
• Skilled in identifying network anomalies and applying cybersecurity and privacy principles to organizational requirements.
• Capable of multitasking with efficient time management and possessing a comprehensive understanding of cyber threats, vulnerabilities, and network security methodologies.
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

The Windows reviewer must demonstrate expertise in:

• Windows 10 End of Support Schedules
• Operating System Information
• Hardware Information
• Windows Secure Host Baseline
• Windows TPM (Trusted Platform Module)
• BitLocker drive encryption
• Patches Installed
• Software Installed
• PowerShell Essential Commands and Scripting
• Windows Management Instrumentation (WMI)
• DSQuery and LDAP
• Users and Rights
• Group Membership
• Password Management
• System Security Settings
• Group Policy and RSoP
• Local Security Policy
• File and Share Permissions
• Registry Permissions and Settings
• Windows Logging
• Retention Settings
• Collection Options
• Centralized Aggregation of Logs