Invictus International Consulting, LLC
  • 03-Mar-2022 to Until Filled (EST)
  • Washington, DC, USA
  • Full Time
  • TS/SCI with CI Poly


Title: Senior Technical Reviewer - HBSS

Location: Reston, VA or Washington, DC

Clearance: TS/SCI w/CI Poly


Responsibilities:

  • Responsible for performing impact/risk assessments on technologies identified under "Technical Requirements" for Host Based Security systems.
  • Responsible for identifying cybersecurity vulnerabilities on target assets associated with identified critical mission(s), using automated capabilities and manual methods through on-site or via remote means.
  • Conduct independent comprehensive assessments of their areas of technical expertise, of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
  • Have comprehensive knowledge of controls related to the use, processing, storage, and transmission of data.
  • Responsible for identification of indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
  • Responsible for recognizing, categorizing, and documenting types of vulnerabilities and associated attacks for inclusion into reports.
  • Responsible for assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • Assist in the collection of information regarding targeted organizations (i.e., prior inspection results, and various data bases to include accreditation systems of record such as Xacta or eMASS) to understand known/identified risks and vulnerabilities of the target organization/system/location.
  • Researching source information to aid in successful targeting and reporting of risk.
  • Developing vulnerability test plans to document required compliance-based testing to be conducted against target critical assets during an assessment.
  • Utilizing standard tools to assess existing vulnerabilities and discrepancies in secure configuration
  • Using DoD Security Technical Implementation Guides (STIG) and STIG Viewer tool to record all non-scan technology inspection results.
  • Uploading resulting STIG inspection exports and/or DoD Assured Compliance Assessment Solution (ACAS) vulnerability scan results to central portals or data repositories.
  • Developing and completing applicable test procedures.
  • Analyzing results of vulnerability assessment to determine root cause and potential impact to mission.
  • Providing details and synopsis of results for inclusion in Final Report and Out-briefs.

Technical HBSS Skills:


  • Create Reports and Dashboards
  • HBSS Industry Best Practices
  • Familiar with McAfee Modules: VSE, ENS, DLP, ACCM, HIPS, RSD, PA, ABM; IDS/IPS rules; DISA Secure Host Baseline
  • DoD/IC Mandated Security Configurations
  • File Integrity Monitoring
  • Experience developing or reviewing policy for HIPS Firewall, HIPS application whitelisting, HIPS intrusion prevention exclusions, DLP executions, and VSE exclusions
  • HIPS Signatures, SCAP, STIGS, SRG, Nessus, SQL Database administration experience, Server administration experience, HBSS 201 and 301 certificates

Requirements:

  • Minimum of ten (10) years' Cyber/Information Assurance experience with a general intermediate knowledge of cybersecurity disciplines: (Risk Management Framework, DevSecOps, CND, cybersecurity engineering, continuous monitoring, customer on-boarding).
  • Minimum of five (5) years of experience performing system administration in HBSS
  • Bachelor's degree or 4 additional years of work experience required
  • Current TS/SCI with CI polygraph clearance required; or ability to obtain
  • DOD 8570.01-M Cybersecurity workforce certification, IAT III and CND-AU/CSSP-AU compliant.
  • This position requires contractor personnel to attest to being fully vaccinated or, if not fully vaccinated, may require contractor to present the results weekly of a negative COVID-19 test taken within the previous 6 days.
Invictus International Consulting, LLC
  • Apply Now

  • * Fields Are Required

    What is your full name?

    How can we contact you?

  • Follow Jobs:
  • Follow Our Jobs On Facebook
  • Share This Page
  • Facebook Twitter LinkedIn Email
.
About Why Invictus Logo Solutions Join Us Contact