Cyber SME (CBP) with Security Clearance
Overview LMI seeks a skilled Cyber SME to support a Customs and Border Protection (CBP) PMO in the National Capital RegionJoin our team of collaborative self-starters focused on delivering practical and efficient solutions to help our client keep U.
Sborders safe and facilitate travel and tradeAs part of our high-performing team, you will augment our vital work to provide eyes and ears technology to protect our nationLMI:
Innovation at the Pace of Need(TM) At LMI, we're reimagining the path from insight to outcome at the new speed of possibleCombining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission successWe energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capabilityLMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needsResponsibilitieso Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials.
o Ensure cybersecurity requirements are identified, allocated, implemented, verified, and continuously monitored throughout the system life cycle.
o Provide independent cybersecurity advice and guidance to government stakeholders and contractor team members.
o Participate in recurring cybersecurity working group meetings.
o Support resilience, information assurance and continuity of operations taskingo Develop or review system security designs and architectures, including those for IoT or OT devices.
o Support Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for cybersecurity personnel to execute.
o Support the Risk Management Framework (RMF) process for each product in the portfolio.
o Provide SME level cybersecurity engineering support and input to product leads and cybersecurity teams to produce authority to operate (ATO) packages and successfully achieve ATOs.
o Support interim authority to test (IATT), risk assessment /acceptance, and all other ATO related activities.
o Interpret security control noncompliance to determine the impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
o Work with product teams to identify controls, develop appropriate mitigations, and develop and track Program of Action and Milestone (POAM) documents to ensure that ATO packages are technically sound before submission to the program cyber staff for review.
o Support necessary compliance activities (e.
g.
, ensure that system security configuration guidelines are followed, compliance monitoring occurs).
o Advise system engineers on the best methods to remediate vulnerability findings through the use of security scanning tools and DoD / Industry best practices.
o Support cybersecurity engineering analysis of alternatives, tradeoffs, and risk treatment decisions.
o Work with interdisciplinary teams to deliver trustworthy and secure systemsQualifications Required:
o Minimum of a MS/MA degree and 10 or more years of related experience OR minimum of a BS/BA degree and 18 or more years of related experience.
o 5 years minimum of system and/or security engineering work performed in support of U.
SGovernment customerso Experience reviewing and developing of RMF Assessment and Authorization (A&A) documentation, e.
g.
, System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs)o Experience implementing DoDI 8510.
01 Risk Management Framework for DoDo DoD 8570 IASAE Level II baseline certification (CISSP, CCSP, etc.
)o Must possess and maintain a Secret Security Clearanceo Ability to pass a government background investigation, including financial, criminal, residential, educational, foreign affiliation, prohibited substance abuse, and employment verifications; active U.
SCustoms and Border Protection background investigation preferredPlease note that only U.
Scitizens are eligible for a suitability determinationDesired:
o Knowledge of Cloud (i.
e.
, Azure, AWS, etc)security planning, design, and operations.
o One or more years of experience with networking and network securityo One or more years of experience with system resiliency and continuity of operations/disaster recovery and or business continuity planning (BCP)o Ability to explain complex cybersecurity issues to a diverse audience in layman's terms.
o Experience presenting verbal/written communications to Senior leadership including - Information Systems Security Engineer (ISSM), System Owners, Authorizing officials, and security leads.
o Experience with systems engineering lifecycle processes.
o Proven ability to balance priorities in a dynamic, mission-oriented environment.
o Experience with agile frameworks and Continuous Integration/Continuous Delivery (CI/CD) frameworks such as DevOps or DevSecOps.
o Experience with cloud cybersecurity implementations.
o DoD 8570 IASAE Level III certification, such CISSP-ISSAP or CISSP-ISSEP or ability to be certified at level III within 6 months of start.
Recommended Skills Adaptability Agile Methodology Business Continuity Planning Certified Information Systems Security Professional Communication Computer Security Apply to this job.
Think you're the perfect candidate? Apply on company site Estimated Salary: $20 to $28 per hour based on qualifications.
Sborders safe and facilitate travel and tradeAs part of our high-performing team, you will augment our vital work to provide eyes and ears technology to protect our nationLMI:
Innovation at the Pace of Need(TM) At LMI, we're reimagining the path from insight to outcome at the new speed of possibleCombining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission successWe energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capabilityLMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needsResponsibilitieso Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials.
o Ensure cybersecurity requirements are identified, allocated, implemented, verified, and continuously monitored throughout the system life cycle.
o Provide independent cybersecurity advice and guidance to government stakeholders and contractor team members.
o Participate in recurring cybersecurity working group meetings.
o Support resilience, information assurance and continuity of operations taskingo Develop or review system security designs and architectures, including those for IoT or OT devices.
o Support Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for cybersecurity personnel to execute.
o Support the Risk Management Framework (RMF) process for each product in the portfolio.
o Provide SME level cybersecurity engineering support and input to product leads and cybersecurity teams to produce authority to operate (ATO) packages and successfully achieve ATOs.
o Support interim authority to test (IATT), risk assessment /acceptance, and all other ATO related activities.
o Interpret security control noncompliance to determine the impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
o Work with product teams to identify controls, develop appropriate mitigations, and develop and track Program of Action and Milestone (POAM) documents to ensure that ATO packages are technically sound before submission to the program cyber staff for review.
o Support necessary compliance activities (e.
g.
, ensure that system security configuration guidelines are followed, compliance monitoring occurs).
o Advise system engineers on the best methods to remediate vulnerability findings through the use of security scanning tools and DoD / Industry best practices.
o Support cybersecurity engineering analysis of alternatives, tradeoffs, and risk treatment decisions.
o Work with interdisciplinary teams to deliver trustworthy and secure systemsQualifications Required:
o Minimum of a MS/MA degree and 10 or more years of related experience OR minimum of a BS/BA degree and 18 or more years of related experience.
o 5 years minimum of system and/or security engineering work performed in support of U.
SGovernment customerso Experience reviewing and developing of RMF Assessment and Authorization (A&A) documentation, e.
g.
, System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs)o Experience implementing DoDI 8510.
01 Risk Management Framework for DoDo DoD 8570 IASAE Level II baseline certification (CISSP, CCSP, etc.
)o Must possess and maintain a Secret Security Clearanceo Ability to pass a government background investigation, including financial, criminal, residential, educational, foreign affiliation, prohibited substance abuse, and employment verifications; active U.
SCustoms and Border Protection background investigation preferredPlease note that only U.
Scitizens are eligible for a suitability determinationDesired:
o Knowledge of Cloud (i.
e.
, Azure, AWS, etc)security planning, design, and operations.
o One or more years of experience with networking and network securityo One or more years of experience with system resiliency and continuity of operations/disaster recovery and or business continuity planning (BCP)o Ability to explain complex cybersecurity issues to a diverse audience in layman's terms.
o Experience presenting verbal/written communications to Senior leadership including - Information Systems Security Engineer (ISSM), System Owners, Authorizing officials, and security leads.
o Experience with systems engineering lifecycle processes.
o Proven ability to balance priorities in a dynamic, mission-oriented environment.
o Experience with agile frameworks and Continuous Integration/Continuous Delivery (CI/CD) frameworks such as DevOps or DevSecOps.
o Experience with cloud cybersecurity implementations.
o DoD 8570 IASAE Level III certification, such CISSP-ISSAP or CISSP-ISSEP or ability to be certified at level III within 6 months of start.
Recommended Skills Adaptability Agile Methodology Business Continuity Planning Certified Information Systems Security Professional Communication Computer Security Apply to this job.
Think you're the perfect candidate? Apply on company site Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
