CYBERSECURITY SUBJECT MATTER EXPERT

REMOTE OPPORTUNITY

• Provides expert support, research and analysis of exceptionally complex problems, and processes relating to them.
• Serves as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation, and alternatives to complex problems.
• Thinks independently and demonstrates exceptional written and oral communications skills.
• Applies advanced technical principles, theories, and concepts.
• Contributes to the development of new principles, concepts, and methodologies.
• Works on unusually complex technical problems and provides highly innovative and ingenious solutions.
• Recommends cybersecurity software tools and assists in the development of software tool requirements and selection criteria to include the development of product specific STIGs from applicable DISA SRGs. Works under consultative direction toward predetermined long range goals and objectives.
• Assignments are often self-initiated. Determines and pursues courses of action necessary to obtain desired results.
• Develops advanced technological ideas and guides their development into a final product.
• Expertise is in the area of cybersecurity and evaluations. 

Additional Qualifications:

• Proven proficiency performing CCRI/ vulnerability assessment/ penetration testing on networks, databases, computer applications and IT frameworks.
• Strong analytical and problem-solving skills for resolving security issues.
• Strong skills implementing and configuring networks and networks components.
• Command Cyber Readiness Inspection certification in at least one of the following areas:
• Retina scan analysis
• Operating Systems (Windows, Unix)
• Boundary defense (network policy, router, firewall)
• Internal defense (L2 switch, L3 switch)
• DNS (policy, BIND/Windows)
• HBSS (remote console, AV, ABM, PA, HIPS, ePO)
• Traditional security (Common, Basic, NCV, SCV)
• Wireless communications (BES, handhelds)
• Tenable Certified NESSUS Auditor, IAM level III and IAT level II certifications
• Knowledge and understanding of DOD security regulations, DISA STIGs.
• Strong knowledge of SCAP
• Strong knowledge of RMF
• Excellent knowledge of and proficiency with:
• VULNERATOR
• USCYBERCOM CTO Compliance Program
• Wireless vulnerability assessment
• Web Services (IIS, Apache, Proxy)
• Database (SQL Server, Oracle)
• Email Services (Exchange)
• Vulnerability Scans (NESSUS, SCCM)
• Knowledge of Phishing exercises
• USB Detect
• Physical Security
• Required to possess a DOD SECRET Clearance and be eligible for an IT-II upon assignment.
• DISA FSO certified CCRI Team Lead and certification in penetration testing, such as:
• Licensed Penetration Tester (LPT)
• Certified Expert Penetration Tester (CEPT)
• Certified Ethical Hacker (CEH)
• Global Information Assurance Certification Penetration Tester (GPEN)

Minimum Experience:

• Seven (7) years IT experience
• Five (5) years IA experience
• Three (3) years of experience with DOD Vulnerability Management System
• Must have ten (10) years’ experience supporting DoD or Federal Oracle shared service providers on an Oracle EBS R12.2 platform or higher.

Required:

• Security Clearance:
• Access Level: IT-2
• Sensitivity Level: Non-critical Sensitive
• Type of Investigation: Current Tier 3 (T3) or National Agency Check with Local Agency Check and
• Credit Check (NACLC) at time of proposal submission.
• DoD 8570.01-M Certification: DFARS Information Assurance Contractor Training and Certification is required for this position.
• IA Technical (IAT)/IA Management (IAM) Level: IAT Level II
• IA Baseline Certification: Attachment_3_DOD 8570 Approved Baseline Certifications_Full_20210526
• CE/OS Certificate: Attachment_4_DLA Approved CS CE List_v28_20230221. Certification must be applicable to the Oracle based DAI Application Environment
• Relevant certification from a nationally recognized technical authority