Senior Cyber Security SME

Job Description

Senior Cyber Security SME – 1 Position

Senior Cyber Security SME

Terms:

• 6 month contract-to-hire
• Pay Rate: $70/hr absolute max – No exceptions
• Conversion salary: up to $100,000 to $180,000 max – No exceptions
• U.S. Citizens, Permanent Residents only
• Bachelor’s Degree required
• Minimum 8 years experience required (Sr. I = 8 yrs+)
• On-site 2 days, Remote 3 days per week
• Public Trust Clearance (generally 2 to 4 months)

THIS ROLES REQUIRES 2X/WEEK ONSITE IN Silver Spring, MD

Note:  This position needs a very technical person, PM is secondary to technical experience

End Client:

The client provides data, tools, and services that support coastal economies and their contribution to the national economy. It is responsible for preserving and enhancing the nation’s coastal resources and ecosystems along the 95,000 miles (153,000 km) of shoreline bordering 3,500,000 square miles (9,100,000 km2) of coastal, Great Lakes, and ocean waters. Its mission is to “provide science-based solutions through collaborative partnerships to address evolving economic, environmental, and social pressures on our oceans and coasts.”

Project Summary:

The Senior Cyber Security SME provides leadership to ensure cyber security compliance per contract requirements. This position manages multiple projects for developing processes, tools and technologies to mitigate cyber threats. An ideal candidate has experience successfully applying Agile project management theories and concepts, an understanding of cybersecurity, excellent communication, and the ability to collaborate across various functions to achieve project / organizational objectives.

Project Management Professional (PMP) certification is desired and one of the leading industry certifications in Cyber Security (e.g., CISSP, CISM, etc.) is required.

This position is on-site 2 days per week.

Primary Responsibilities:

• Performs both technical and non-technical activities supporting the Cyber Security Program.
• Non-technical activities include Manage policy and compliance activities; Provides NIST Special Publications consultation; Oversees the team activities
• Technical activities include Oversight and/or technical operations of security tools in use by the client; analysis and assists with integrating DHS Continuous Diagnostic and Mitigation (CDM) new tools into the security program; Provides backup to the Senior-Level Security Engineer
• Provides backup to the Senior-Level Security Engineer.
• Provides technical support on the usage of enterprise security tools (e.g., Tenable Security Center, Azure Security Center, ArcSight, BigFix, CSAM, SmartSheets, Security Awareness Training, Endpoint Detection and Response, etc.)
• Supports the ITSO with representation at meetings and technical discussions, when the ITSO is unable to attend.
• Applies strategic planning methodologies and techniques to create goals, captures appropriate performance metrics and assesses progress to facilitate long range planning.
• Develops, manages, and reports on any specific Strategic Plan, as well as prepares project and program briefings as required by the government.
• Implements, manages, and supports a phased management processes to provide a system for reviewing investment initiatives, projects, and on-going IT services through the implementation of Program Management Reviews (PMR), project status reports and performance across the project management triad (cost, schedule, time).
• Applies industry best practices to ensure a high degree of initiative and responsiveness towards project management.
• Maintains knowledge of all standards and methodologies associated project management such as but are not limited to:

• Industry Standard Project Management Methodologies
• The agency SDLC methodology (most current version)
• Agency IT policies
• Client’s IT Governance Framework including Governance standards
• PMI Standard for Project Management
• Capability Maturity Model Integration (CMMI)

• Ability to interact with and conduct presentations to all levels of management and stakeholders

Requirements

Required Skills & Qualifications:

• 8-10+ years of relevant experience
• Bachelor’s Degree in Computer Science, Cyber Security or related discipline
• Experience in vulnerability assessment and use of common security tools
• Appropriate technical skills, such as Networking, Servers and environments
• Direct and coordinate team of contractors and cross-functional teams
• Able to define and work in Information Security, Compliance, Data Loss Prevention, Technology Operations and/or Data Protection

At least one of these professional certifications:

• ISC2 Certified Information System Security Professional (CISSP)
• CompTIA A+
• CompTIA Security+
• GIAC Information Security Professional (GISP)
• ISC2 Certified Authorization Professional (CAP)

Desired Skills & Qualifications:

• Experience developing security policies and procedures
• Experience presenting technical material to senior business managers in a non-technical manner to ensure a clear understanding of how the risk(s) affects the mission and/or business functions.
• Superior communication skills, both verbal and written
• Must be able to multi-task and manage time amongst projects
• Takes initiative and doesn’t need constant instruction
• Excellent follow-through

Additional Requirements:

• Ability to pass a US Public Trust background investigation for access to the client site and computing systems. You must have lived in the US for the past three (3) years.
• All candidates will be subject to a complete background check to include, but not limited to Criminal History, Education Verification, Professional Certification Verification, Verification of Previous Employment and Credit History.