Required Skills & Experiences:
- Five years’ experience implementing cyber security solutions, standards and procedures across INSCOM, HQDA G2, NSA or Intelligence Community efforts to ensure information confidentiality, integrity and availability of INSCOM’s systems and capabilities;
- Five years’ experience ensuring environments are in compliance IAW the ICD 503 Risk Management Framework and NIST and emerging DoD polices;
- Five years’ experience developing System Security Plan (SSP), Security Assessment Report (SAR), Risk Assessment Report, Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), System Software and Installation Procedures, Security Test Procedures and Software Application documentation policy and procedures requirements;
- Two years’ experience reviewing and validating vulnerability scan results at the operating system (OS) and application level and perform detailed analysis in support of OS and application level vulnerabilities;
- Two years’ experience using Fortify, ACAS, Nessus or other code scan results which may not be a part of the current system; and
- Must have current industry certification with DOD 8570 IAM-II.
- Must have eMASS and RMF experience.