Requisition #: 0059111021

Job Title: Cybersecurity Lead

Job Description:

Description:

Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, other organizations, and the Nation.

Tasks:

• Manage and approve Accreditation Packages (e.g., ISO/IEC 15026-2)
• Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network
• Establish acceptable limits for the software application, network, or system

Knowledge:

• Computer networking concepts and protocols, and network security methodologies
• Risk management processes  (e.g., methods for assessing and mitigating risk)
• Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
• Cybersecurity and privacy principles
• Cyber threats and vulnerabilities
• Specific operational impacts of cybersecurity lapses.
• Cyber defense and vulnerability assessment tools and their capabilities
• Cryptography and cryptographic key management concepts
• Organization's enterprise information security architecture
• Organization's evaluation and validation requirements
• Security Assessment and Authorization process
• Cybersecurity and privacy principles used to manage risks related to the use, processing, storage, adn transmission fo information or data
• Vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
• Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Risk Management Framework (RMF) requirements
• Information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities
• New and emerging information technology (IT) and cybersecurity technologies
• System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Structured analysis principles and methods

Skills:

• Discerning the protection needs (i.e., security controls) of information systems and networks
• Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• IAM Level III certified

Abilities:

• Assess and forecast manpower requirements to meet organizational objectives
• Develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities
• Coordinate cyber operations with other organization function or support activities
• Identify external partners with common cyber operations interests
• Interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives
• Work across departments and business units to implement organization's privacy principles and programs, and align privacy objectives with security objectives
• Relate strategy, business, and technology in the context of organizational dynamics.
• Understand technology, management, and leadership issues related to organization processes and problem solving
• Understand the basic concepts and issues related to cyber and its organizational impact
• Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Identify critical infrastructure systems with information communication technology that were designed without system security considerations.

Clearance:

• TS/SCI with CI Poly

Please fill out the short application form below. If you have applied for a position with RiVidium in the past, we will know by querying your email address within our database once you submit the form. At that time we will ask you if you would like to use the resume we have on file to apply for the position described above. You will also have the option to submit a new resume if you wish to do so.