Cyber Security Lead – Abacus Technology Corporation – Rome, NY
Note: We may earn a commission from products or services when you click on a link and make a purchase.
Abacus Technology is seeking a Cyber Security Lead to provide tier 3 cyber security management for the Air Force Research Laboratory (AFRL) Information Directorate . This is a full-time position.
- Working Cybersecurity Lead for Tier 3 Cybersecurity management.
- Coordinate, maintain, change, and keep updated, the Risk Management Framework (RMF) Assessment and Authorization (A&A) packages.
- Perform the Information Assurance Vulnerability Management (IAVM) process by ensuring systems and networks maintain compliance with vulnerabilities.
- Track and analyze Plan of Action & Milestones (POA&Ms) reports to conduct risks assessments.
- Implement and maintain the OSI DMZ and boundary control devices including routers, firewalls, and sensors.
- Conduct Computer Network Defense (CND) actions, and Computer Network Exploitation (CNE) enabling activities.
- Defend against unauthorized activity within computer networks including monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities.
- Determine the attribution and actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein to develop incident response plans using forensically sound methods and procedures.
- Ensure that all application deliverables comply with the DISA Application Security & Development and Database STIG, which includes the need for source code scanning and a Web Penetration Test to mitigate vulnerabilities (including as examples, SQL injections, cross-site scripting, and buffer overflows).
- Review current CCRI requirements and ensure systems and their operations are compliant.
5+ years’ experience in cyber security. Must be IAT Level III (CISSP, CASP+ CE, CISA, GCED, GCIH, or CCNP Security) certified IAW AFMAN 17-1303. Extensive experience with Risk Management Framework (RMF), STIGs, and DoD cyber security compliance requirements.
Networking experience including routers, switches, and firewalls. Experience with Cisco and Juniper. Experience performing vulnerability and risk assessment using DISA’s Assured Compliance Assessment Solution (ACAS) suite or Nessus Security Scanner.
Experience with ArcSight/Splunk or another Security Information Event Manager (SIEM).
Experience with DoD Host Based Security System (HBSS) administration. Experience working with Enterprise Mission Assurance Support Service (eMASS). Experience with development/architecture for apps and services, and testing and administration.
Strong knowledge of Microsoft Windows technologies, including Active Directory, Windows Administration, scripting, and Windows configuration techniques. Strong desktop application administration experience to include Microsoft Office, web browsers, and anti-virus applications.
Must be detail-oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality. Excellent communication skills, both oral and written. Analytical skills to troubleshoot IA issues.
Must be able to apply intensive and diverse knowledge to problems and make independent decisions.
Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team.
Must be a US citizen and hold a current Secret clearance.
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.