Necessary Skills and Knowledge:
- In-depth knowledge of cybersecurity principles, practices, technologies, and regulatory requirements.
- Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders.
- Possesses demonstrated expertise in and capability to perform full range of Information System Security to include:
- Assist in identifying, implementing, and assessing security, privacy, and common controls.
- Work with system stakeholders to develop the SSPP, SAR, ISCP, Incident Response Plan (IRP), Configuration Management Plan (CMP), MOU/A, Interconnection Security Agreements (ISA), POA&Ms, and related information system documentation to include ISO memos, Project Plan, FIPS 199, System Security Plan (SSP) and control plans.
- Ensure common controls are available for inheritance by other information systems.
- Ensure systems operate, maintain, and dispose of information and data per DOJ policies and procedures.
- Report and support the SO with all security-related incidents.
- Monitor system recovery processes and ensure proper information system security features restoration.
- Perform security and privacy control assessments and information security continuous monitoring (ISCM) per DOJ's frequencies.
- Serve as a Configuration Control Board (CCB) member to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented.
- Complete the security impact assessment for any system-related change that could affect the security posture of the information system.
- Address information system security requirements during all phases of an information system lifecycle.
- Review system audit logs, maintain evidence of review, and report completion of audit log review to the SO.
- Review and analyze automated scan results and work with stakeholders to document remediation activities.
- Monitor the security posture of the information system and report any anomalies.
- Proficiency with Microsoft Office Suite.
Minimum Qualifications:
- Bachelor's degree in computer science, information technology, cybersecurity, or a related field. Experience equivalency will be considered if no degree.
- Minimum of 7 years of experience in information security, with at least 2 years in a leadership or managerial role.
Preferred Qualifications:
- Master's degree in a related field.
- Professional certifications in cybersecurity (e.g., CISSP, CISM, CompTIA Security+) preferred.
- Active Secret Clearance.
The salary range for this position is $120,000 - $135,000 per year.
Pay and Benefits
At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.