SME Cyber Security Audit and Compliance Specialist

Overview

DecisionPoint Corporation is seeking a SME Cyber Security Audit and Compliance Specialist to join our team on an upcoming contract to support the Unites States Coast Guard USCG) Aviation Logistics Center (ALC) Information Systems Division (ISD) in Elizabeth City, North Carolina. The USCG ALC ISD provides development, security, and operations (DevSecOps) IT support for products and services for the Coast Guard Information Officer (CIO), Commandant, and Coast Guard Cyber Command through a geo-dispersed workforce including military, civilians, an contractor personnel committed to supporting the USCG's missions and requirements of the leading growing interconnectivity, increased reliance on data and networks, and development of commercial space and artificial intelligence systems.

Position is on-site with off-site capabilities.

Duties & Responsibilities

The duties and responsibilities of the SME Cyber Security Audit and Compliance Specialist include:

• Information about existing security products, authorized vulnerability management policies, and procedures.
• Evaluate security requirements and conducts feasibility studies to examine software and hardware requirements, administration costs, and data information flow.
• Assists with the Security Controls Auditor in validating the security controls and the Risk Management Framework.
• Develops and maintains cyber security policy to comply with requirements.
• Plan and schedule cyber project activities and monitors and reports project progress.
• Work with customers to implement system security measures, assists with cyber security plans and documentation and provides technical guidance and training.
• Conduct an analysis of system vulnerability management, remediation solutions, and develop the necessary POAMs.
• Collaborate with internal and/or external security teams regarding audits and security controls.
• Evaluate, tests, monitor, and maintain information security policies, procedures and systems such as hardware, firmware, and software.
• Ensure security design, controls, and procedures are aligned with information security standards and are appropriate to mitigate risk of exposure.
• Identifies security violations, determines cause, and implements procedures to prevent future incidents.

Qualifications

• Active SECRET Clearance required.
• Bachelor's or associate degree in Computer Science, Math, Information Technology, Engineering, or related field or at minimum IT Certification.
  • Note: Six (6) years' experience is equivalent to three (3) years of education.
• Six (6) years of experience in Information security with cyber security, security programs or compliance assurance.
• Six (6) years of experience with Security Information and Event Management (SIEM).
• Six (6) years of experience in the risk management framework.
• Basic knowledge of the following: Active Directory, UNIX, Windows, Relational Databases.
• Knowledge of NIST special publications and accreditation and authorization process.

Our Equal Employment Opportunity Policy

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.