Yesterday
Top Secret
Unspecified
Unspecified
Security
Boulder, CO (On-Site/Office)
STIG Compliance/Vulnerability Management SME Boulder, CO or Fairmont, WV 5 days a week in Office with the possibility of 2 days remote
Top Secret As the STIG Compliance/Vulnerability Management SME, you will work either independently or as part of a team to achieve critical mission objectives, ensuring smooth operations for the customer.
What Will You Do:
• Evaluate security risks on systems
• Evaluate STIG compliance
• Execute and manage the NCSC Vulnerability Management Plan
• Create and maintain compliance scan policies
• Maintain a master asset list
• Troubleshoot scan issues and coordinate with appropriate team members.
• Continuously research emerging threats to the environment in order to disseminate the information to all stakeholders, immediately assess the known environment for presence of the vulnerability, and work with the SOC and SE&O to protect the environment.
• Ensure system compliance against federal and DOC policies
• Identify & document all non-compliant areas
• Support Assessment and Authorization activities
• Conduct, operate, and maintain vulnerability/compliance assessments and the resulting data and reports
• Author and maintain SOPs and runbooks
• Other duties as assigned
Job Qualifications:
• Bachelor's degree in Information Technology, Cybersecurity, or related field with 8 or more years of STIG Compliance/Vulnerability Management experience to including implementing and evaluating STIG controls and security baselines; additional years of experience required in lieu of a Bachelor's degree.
• Significant experience with NIST Cybersecurity Framework and/or risk management within the Intelligence Community.
• 2+ years of project management experience.
• Experience being part of a high performing A&A teams and adapting standards to create "best practices".
• Demonstrate knowledge of ports and protocols.
• Demonstrate knowledge of DISA STIGs and related tools.
• Possess the knowledge of security best practices, security solutions, and methodologies for risk management per NIST Cybersecurity Framework guidelines.
• Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
• Familiar with the management, operational, and technical aspects of IT Security in a complex environment.
Clearance Requirement
• An active DoD Top Secret clearance
Top Secret As the STIG Compliance/Vulnerability Management SME, you will work either independently or as part of a team to achieve critical mission objectives, ensuring smooth operations for the customer.
What Will You Do:
• Evaluate security risks on systems
• Evaluate STIG compliance
• Execute and manage the NCSC Vulnerability Management Plan
• Create and maintain compliance scan policies
• Maintain a master asset list
• Troubleshoot scan issues and coordinate with appropriate team members.
• Continuously research emerging threats to the environment in order to disseminate the information to all stakeholders, immediately assess the known environment for presence of the vulnerability, and work with the SOC and SE&O to protect the environment.
• Ensure system compliance against federal and DOC policies
• Identify & document all non-compliant areas
• Support Assessment and Authorization activities
• Conduct, operate, and maintain vulnerability/compliance assessments and the resulting data and reports
• Author and maintain SOPs and runbooks
• Other duties as assigned
Job Qualifications:
• Bachelor's degree in Information Technology, Cybersecurity, or related field with 8 or more years of STIG Compliance/Vulnerability Management experience to including implementing and evaluating STIG controls and security baselines; additional years of experience required in lieu of a Bachelor's degree.
• Significant experience with NIST Cybersecurity Framework and/or risk management within the Intelligence Community.
• 2+ years of project management experience.
• Experience being part of a high performing A&A teams and adapting standards to create "best practices".
• Demonstrate knowledge of ports and protocols.
• Demonstrate knowledge of DISA STIGs and related tools.
• Possess the knowledge of security best practices, security solutions, and methodologies for risk management per NIST Cybersecurity Framework guidelines.
• Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
• Familiar with the management, operational, and technical aspects of IT Security in a complex environment.
Clearance Requirement
• An active DoD Top Secret clearance
group id: PRISMVA
