- 01-May-2023 to Until Filled (EST)
- Alexandria, VA, USA
- Full Time
- TS/SCI with CI Poly
Title: Cybersecurity Compliance Inspector ~ HBSS
Location: Alexandria, VA; Washington, DC; Reston, VA; College Park, MD
Clearance: TS/SCI with the ability to obtain and maintain a CI polygraph
Responsibilities:
The Cybersecurity Compliance Inspector is responsible for conducting endpoint security tool reviews using DISA STIGs and IC Policy requirements. IC Policies include ICS 502-02 Host Base Security and ICS 500-18. In supporting inspections, the reviewer will:
- Coordinate with multiple organizations and the reviewer staff
- Consolidate reports on an organization's enterprise
- Validate correct configurations
- Conduct inspection interviews
- Develop and complete inspection checklists
- Provide input to written reports on compliance and associated risks
- Coordinate with purple team and cyber threat emulation activities
- Support the verification of IDPS (IDS/IPS) implementation
- Identifying specific events (i.e., malware detection alerts) for use polling other security systems to ensure events are captured
- Knowledge of how HBS implementation is coordinated, acquired, and managed
- Knowledge of how data is aggregated into the HBS tool from multiple hosts
- Knowledge of how and what HBS data is reported to the IC SCC
- SME on how HBS agents are properly configured, protected, and appropriately monitoring, blocking, restricting and are reported to an analyst
- Knowledge of how a complex, government enterprise implements McAfee ePolicy Orchestrator and be familiar with the HBSS/ESS modules and how to troubleshoot issues. This includes VirusScan Enterprise (VSE), Endpoint Security (ENS), Data Loss Prevention (DLP), Asset Configuration Compliance Module (ACCM), Rogue Sensor Detection (RSD), Policy Auditor (PA), File Integrity Monitoring (FIM)
- Experience developing or reviewing policy for the host-based firewall, application whitelisting, intrusion prevention exclusions, DLP executions, and VSE exclusions
- SQL Database administration experience
- Windows Server administration experience
- McAfee Host Base Security-Endpoint Security System is the most common tool, but knowledge of other host-based security compliance scanners, such as Tanium, is highly recommended.
- Demonstrate advanced writing skills; experienced in coordinating multiple viewpoints into a cohesive document
- Demonstrate experience with DoD STIGs and STIG Viewer tool
- Demonstrate attention to detail
- Demonstrate the ability to work independently
The reviewer will support the pre-inspection phase activities to include:
- Logistical and team coordination
- Virtual testing to determine feasibility of conducting reviews remote to the site (still within on-site facilities)
- Answering questions prior to the inspection with regards to the review
- Submitting administrative facilities and systems access forms
- Analyzing network diagrams
The reviewer will support the post-inspection phase activities to include:
- Responding to RFIs
- Cooperation with IV&V activities as organizations work to remediate vulnerabilities discovered during the vulnerability assessment
The reviewer will be expected to identify ways to improve the program. This includes development of program documentation, cross-functional coordination, community collaboration, and automation.
Requirements:
- Bachelor's degree in Cybersecurity, Computer Science or a related technical discipline plus ten (10) years of relevant experience; an additional four (4) years of hands-on experience may be substituted in lieu of a degree
- Must possess current DoD 8570 IAT Level III certification
- Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph
- Must be willing to travel up to 10-25% (mostly local travel)
Equal Opportunity Employer/Veteran/Disabled
