• Provides expert support, research and analysis of exceptionally complex problems, and processes relating to them.
• Serves as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation and alternatives to complex problems.
• Applies advanced technical principles, theories, and concepts.
• Contributes to the development of new principles, concepts, and methodologies.
• Works on unusually complex technical problems and provides highly innovative and ingenious solutions.
• Recommends cybersecurity software tools and assists in the development of software tool requirements and selection criteria to include the development of product specific STIGs from applicable DISA SRGs.
• Performs a DoD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
• and outsourced IT processes.
• Determines the applicable severity value for an identified vulnerability (e.g., noncompliant security control), and determines the possible ramifications on the system’s current or future authorization.
• Works under consultative direction toward predetermined long-range goals and objectives.
• Assignments are often self-initiated.
• Determines and pursues courses of action necessary to obtain desired results.
• Develops advanced technological ideas and guides their development into a final product.
• Expertise in the area of cybersecurity and evaluations

Required Qualifications

• 10 years IT experience
• 5 years IA experience
• Strong analytical and problem-solving skills for resolving security issues
• 5 years of relevant C&A experience; Risk Management Framework (RMF) and NIST C&A experience; DoD cybersecurity experience
• Strong knowledge of NIST 800-82 Rev 3, and Purdue Model
• Experience in assessing/validating security controls and conducting authorization reviews for large, complex organizations.
• Proficiency in basic analytical software such as Microsoft Excel and Access, proficiency with the Microsoft Office suite, to include Word, PowerPoint
• Must have DHS ICS 301/301V or 401/401V certificates.
• SECRET clearance and be eligible for an IT-II upon assignment.
• Relevant certification meeting DoD 8570.01 IAM level III
• Demonstrated track record of completing IT and OT cybersecurity engineering and risk assessment tasks relevant to the contract scope— including all OT Pillars—and a range of control system types (e.g., automated material handling systems, automated fuel handling systems, enterprise security systems, etc.)
• Strong knowledge/application of relevant IT and OT standards/issuances and frameworks
• Thinks independently and demonstrates exceptional written and oral communications skills.

NA