This candidate will provide senior level consulting to a team of information security engineers, testers and writers. Develop handbook, policy and white papers. Provide security guidance to the client and junior employees plus infosec consulting services will be provided by this individual on a regular basis. Additionally, this person will have a direct impact on current and future information security processes and policy across the enterprise.
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be clearable to the Top Secret level.
The successful candidate will have at least seven years in the information security field, with a wide range of skills such as handbook/white paper and policy writing, infosec governance, security assessments of new software and systems, assessing network designs for security compliance and system test and evaluation. Included in these skills is a thorough understanding of the Security Authorization process and how it works in the Federal workplace. Four of these years must be in a lead security design or technical task/program leadership position. Must possess a strong background with NIST and the relationship of FISMA to Federal architectures.
This candidate should possess a B.A. or B.S. in related field and 7 years of experience. B.A. or B.S. may be substituted with 4 additional years of professional Information Assurance services experience.
Additionally, this candidate must:
- Be able to communicate effectively through written and verbal means to co-workers, subordinates and senior leadership.
- Be able to effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
- Be prepared to offer security-related guidance on business processes, emerging technology and acquisitions, and vulnerability assessment / mitigation approaches.
- Be able to effectively mentor junior information assurance engineers.
- Be able to conduct effective vulnerability assessments of networked and stand-alone information systems to the extent of conclusively validating all technical controls found within NIST SP 800-53.
- Must be a able to lead the client to set of solutions, provide recommendations and craft options for the client to pursue where there is a lack of clear direction.