Overview
On Site
Full Time
Skills
NIST 800-53
Software security
Cyber security
Security controls
Risk assessment
Computer science
Information Technology
Computer engineering
Security clearance
Professional services
Virtualization
Storage
Global Positioning System
Strategy
Data
Pivotal
IC
Regulatory Compliance
STIG
Splunk
Documentation
Reporting
Operations
Inspection
Training
Collaboration
Leadership
Interviewing
Policies
Planning
Marketing communications
Job Details
Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte's Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will become part of a team that advises, implements, and manages solutions across five verticals: Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Our dynamic team offers opportunities to work with cutting-edge cyber security tools and grow both vertically and horizontally at an accelerated rate. Join our cyber team and elevate your career.
Work you'll do:
JCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 rev 5 security controls. Utilizing automated tools, including Tenable and Splunk, these professionals perform documentation reviews, employ checklists and guides to write report and develop a qualitative risk assessment on target organizations. Their assessments examine the mission owners' critical capabilities and mission impacts if secure operations lack security protections needed to defend their cyber infrastructure and mitigate high-risk vulnerabilities to the enterprise. Beyond inspection duties, Technical Reviewers contribute to maturing organizational processes, training initiatives, and program-wide support through cross-functional collaboration.
JCIP Reviewers are integral to conducting inspections of environments across the Intelligence Community (IC). They are responsible for:
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Required:
Preferred:
#LI-MC4
Work you'll do:
JCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 rev 5 security controls. Utilizing automated tools, including Tenable and Splunk, these professionals perform documentation reviews, employ checklists and guides to write report and develop a qualitative risk assessment on target organizations. Their assessments examine the mission owners' critical capabilities and mission impacts if secure operations lack security protections needed to defend their cyber infrastructure and mitigate high-risk vulnerabilities to the enterprise. Beyond inspection duties, Technical Reviewers contribute to maturing organizational processes, training initiatives, and program-wide support through cross-functional collaboration.
JCIP Reviewers are integral to conducting inspections of environments across the Intelligence Community (IC). They are responsible for:
- Interacting with leadership and site technical staff in advance of conducting inspections to facilitate scoping, data to support security controls assessment input, and execution of operational inspection plans,
- Responsible for interviewing organizational subject matter experts in conducting STIG, SRG, and IC policy checklists,
- Collect data in support of reviewing a comprehensive Threat Informed Critical Controls List (TICCL), provide written input on review of required security controls, potential vulnerability exploitation, and how MITRE ATT&CK techniques are plausibly successful based on organizational weaknesses. Ensure inputs link back to security controls,
- Participating in the planning, execution, and reporting of security
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Required:
- Bachelor's degree required, preferably in Computer Science, Information Technology, Computer Engineering, or related discipline
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
- Must be able to maintain the required security clearance for this role -active TS/SCI with Polygraph
- Must possess IAT III Certification or equivalent certification
- Minimum of 12 years of experience required
Preferred:
- Assist in identifying, prioritizing, and coordinating the development of critical cybersecurity
- Prior professional services or federal consulting experience
#LI-MC4