Type: Temp/Contract Location: McLean, VA (hybrid) Responsibilities: Analyze the source code of existing ColdFusion v9 apps Identify all the changes required ...
Tekstream Solutions - Virginia
Published 11 days ago
Center 2 (19050), United States of America, McLean, Virginia Senior Software Engineer, DevOps Do you love building and pioneering in the technology space? Do...
Capital One - Virginia
Published 11 days ago
Requirements: • Must be a U.S. Citizen and have an active Secret clearance (interim is acceptable).• • Recent development experience (at least 4+ years) with...
Randstad Digital - Virginia
Published 11 days ago
Date Posted: 2024-04-05 Country: United States of America Location: VA543: 22270 Pacific Blvd, Dulles 22270 Pacific Boulevard Building CC5, Sterling, VA, 201...
Nightwing - Virginia
Published 11 days ago
Job Description
Job Description
We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes
health/dental/vision/life
insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at:
https://www.onezerollc.com/careers/
Position Title:
Network Technical Reviewer - Expert
Clearance : TS/SCI
Location : Reston, VA
** This is an on-site role**
**Must be willing to travel up to 30%, including local travel within the National Capital Region (NCR) of Northern Virginia, Maryland, and Washington, DC
. **
Responsibilities:
JCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 rev 5 security controls. Utilizing automated tools, including Tenable and Splunk, these professionals perform documentation reviews, employ checklists and guides to write report and develop a qualitative risk assessment on target organizations. Their assessments examine the mission owners' critical capabilities and mission impacts if secure operations lack security protections needed to defend their cyber infrastructure and mitigate high-risk vulnerabilities to the enterprise. Beyond inspection duties, Technical Reviewers contribute to maturing organizational processes, training initiatives, and program-wide support through cross-functional collaboration.
JCIP Reviewers are integral to conducting inspections of environments across the Intelligence Community (IC). They are responsible for:
Interacting with leadership and site technical staff in advance of conducting inspections to facilitate scoping, data to support security controls assessment input, and execution of operational inspection plans,
Responsible for interviewing organizational subject matter experts in conducting STIG, SRG, and IC policy checklists,
Collect data in support of reviewing a comprehensive Threat Informed Critical Controls List (TICCL), provide written input on review of required security controls, potential vulnerability exploitation, and how MITRE ATT&CK techniques are plausibly successful based on organizational weaknesses. Ensure inputs link back to security controls,
Participating in the planning, execution, and reporting of security audits and network vulnerability assessments with minimal supervision,
Assisting in preparation of assessment deliverables -Security Risk Assessments input, compliance data, STIG data, etc.,
Communicating on impact of vulnerabilities verbally, through presentations and written deliverables,
Plan, execute, and report on information technology, privacy, and operational reviews to identify mission, privacy, security, compliance, information technology, and regulatory risks,
Familiar with a variety of cybersecurity concepts, practices, and procedures. Relies on extensive experience and judgment to plan and accomplish goals.
Required Qualifications
Experience:
At least five (5) years of experience in system administration, specifically with HBSS platforms such as Trellix. A minimum of twelve (12) years of experience in Cyber/Information Assurance, with a comprehensive understanding of cybersecurity disciplines including but not limited to the Risk Management Framework, DevSecOps, and cybersecurity engineering. Demonstrate an understanding of:
VLANs and VLAN Trunking: Demonstrated capability in configuring and managing Virtual Local Area Networks (VLANs) and VLAN trunking to support secure network segmentation and operational efficiency, aligning with industry best practices
Spanning Tree Protocol (STP): Expertise in implementing STP to prevent network loops, ensuring resilient and secure network topologies
OSPF, BGP, and GRE Tunneling: Solid foundation in key routing protocols (Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP)) and Generic Routing Encapsulation (GRE) tunneling, crucial for secure and efficient network routing and connectivity
Network Segmentation Best Practices: Proficiency in applying best practices for network segmentation, enhancing security, and optimizing network performance
Switching Topology Security: Knowledge in securing switching topologies against unauthorized access and threats, ensuring data integrity
Remote Administration: Skills in the secure remote management of network devices, maintaining network integrity and availability
ACL Configuration and Validation: Ability to configure and validate Access Control Lists (ACLs) to regulate traffic flow and bolster network security, in compliance with established standards
User Management: Experience in the secure management of network user access and permissions, safeguarding against unauthorized access
Firewall Auditing, Validation & Monitoring: Competency in auditing, validating, and monitoring firewall configurations to uphold network security, according to NIST, ICD, SRG, and industry guidelines
Information Flow Diagramming: Ability to create and interpret information flow diagrams, documenting network data flows and security measures effectively
Firewall Design Understanding: In-depth knowledge of firewall design principles to support the development of secure network architectures
Network Architecture Validation: Skills in validating network architectures to ensure they meet security and performance requirements, aligned with NIST, ICD, SRG, and industry standards
Rules Review and Analysis: Proficiency in reviewing and analyzing firewall and network device rules for compliance with security policies and best practices
Next Generation Firewalls: Understanding of Next Generation Firewall (NGFW) technology and its role in defending against advanced network threats
Education:
Bachelor's degree from an accredited institute in an area applicable to the position in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, Information Systems, or a related technical discipline; an additional four (4) years of relevant experience may be substituted in lieu of a degree.
Certifications:
Certification in DoD 8570.01-M Cybersecurity workforce, compliance with DoD Directive 8140 Cyberspace Workforce Management, and IAT Level III.
Skills:
Strong independent work ethic (auditor mentality), exceptional oral and written communication skills, and the ability to work unsupervised.
Preferred Qualifications
Technical Proficiency:
Experience in engineering and operations & maintenance of enterprise Network platforms (e.g., Cisco, Juniper, Arista, Aruba, Palo Alto). Out of Band Network Management, Port Security, Comply to Connect and Zero Trust requirements.
Advanced Skills:
Proficiency in using advanced vulnerability assessment and reporting tools such as Tenable, Splunk, and Tableau.
Interdivision Collaboration:
Demonstrated ability to operate across departments to implement cybersecurity principles effectively.
Multitasking and Time Management:
Capable of multitasking with efficient time management and possessing a comprehensive understanding of cyber threats, vulnerabilities, and network security methodologies.
OneZero Solutions, LLC is an Equal
Opportunity/Affirmative
Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access
www.onezerollc.com/careers
as a result of your disability.
To request an accommodation, please contact us at
********
or call (202) 987-2580.
Job Posted by ApplicantPro
#J-18808-Ljbffr
Built at: 2024-11-10T19:41:52.471Z