The client’s project management process requires a cybersecurity representative throughout each project’s lifecycle. Knowledgeable representatives from the CSPP provide recommendations to ensure final project outcomes and deliverables meets all applicable cybersecurity requirements.
• As requested, support IT related Agency projects (e.g. as a project engineering support member) and if requested, maintain membership on the project team
• Provide cybersecurity knowledge to the project team during the project lifecycle
• Be proficient in the Project Management Lifecycle
• Track internal and external efforts by utilizing the Cybersecurity Engineering Team’s (CSET) issue tracking system
• Support CSET’s cybersecurity engineering responsibilities to include performing cybersecurity technology assessments, supporting cybersecurity design, and supporting development and engineering aspects of NPR 7120.5, NPR 7120.7 and NPR 7120.8
projects and initiatives
• Utilize industry threat frameworks to document and assess threats, mitigations, and telemetry capabilities for those threats. Maintain updated documentation as additional capabilities are implemented or new threats are discovered.
• Support the development of a risk-based device posture policy for the client’s onpremises and remote network environments.
• Perform data analysis to support the implementation of policies at the client’s Agency and Center borders to reduce risks to the client’s network environment.
Education & Experience Requirements:
• Bachelor’s Degree in related field
• Proficiency with Microsoft Office, especially Excel data analysis and reporting
• Proficiency with vulnerability scanning, analysis, reporting and supporting management
• Familiarity with FedRAMP
• Familiarity with one or more security frameworks NIST 800-53, RMF
Desired Skills & Certifications:
• Security certificates such as CISSP, CISM, GSLC, or CASP
• Supporting IT Project Management
• Disaster Recovery & Continuity Planning
• Attack Simulation & Penetration Testing
• Cybersecurity Governance & Compliance
• Application Security Roadmaps