Cyber Security Risk Specialist

Job Title: Cyber Security Risk Specialist Location: Remote but must be local to Hillsboro, VA OR San Antonio, TX Duration: 6 month contract to hire Clearance: DoD Secret Position Overview: The Cybersecurity and Risk Architect will support security activities for multiple projects to accomplish successful performance consistent with contractual agreements for our DoD client. The successful candidate will maintain Cybersecurity risk identification, assessment, and evaluation across the enterprise and work with stakeholders to comprehend architecture changes, designs, planned controls, and anticipated threats. Model the possible vulnerabilities and threats from an architectural level and determine the resulting risks, likelihoods, and impacts. Determine risk remediation, including compensating controls, work to incorporate or reject controls in the design, determine residual risks, and interface between Government risk managers, and subcontractor risk management for risk acceptance. Leverage knowledge of security threats, system, including application and infrastructure vulnerabilities, resulting risks, and compensating controls. Serve as a thought leader and communicate with peers and leadership regarding optimum architectural approaches that meet business requirements and managing security risk and maintaining compliance. Participate in process improvement activities, including standardizing threat actors and control catalogs. Leverage knowledge utilizing the following areas: Cyber defense capabilities, including Cyber threat intelligence, Cyber operations, vulnerability management, incident response, Cyber hunt, security analytics, attack surface reduction, penetration testing, and red teaming.

• Oversight, expertise, technical security strategy, standards, and best practices for multiple programs with various security categorizations (low, moderate and high).
• Counsel to ensure auditing, testing, preventive and reactive measures are being adequately implemented for infrastructure systems
• Reviews, updates and development of all required security documentation.
• Reviews, testing and implementation of security requirements within project plan timelines.
• Research and tracking of security standards, policies, and procedures.
• Support for multiple project assignments with strong and effective communication, time management and collaboration skills.
• Manage software and hardware configurations and tuning to meet performance and security objectives.
• Build or write scripts to manage monitoring of systems and dashboards.
• Troubleshoot infrastructure issues in conjunction with application, infrastructure, and vendor groups.
• Document installations, changes, and configurations
• Other Duties as required

• 5+ years of experience with serving as in Information Security Office (ISO) or Information Systems Security Officer (ISSO)
• Experience with information security program frameworks, including ISO 27001/2, COBIT, & NIST
• Experience with providing strategic direction for core enterprise infrastructure and security supported technologies, including data protection, such as DLP, tokenization, and encryption, perimeter protection, such as WAF and firewalls SIEMs, managed security services, and Cloud services security
• Ability to drive definition and implementation of the security architecture standards
• Ability to lead fast-paced delivery in challenging commercial environments, work with senior leaders to foster positive client relationships, identify new business opportunities with existing clients, and develop new intellectual capital
• Ability to build strong relationships with technology vendors and develop mutually beneficial partnerships
• BA or BS degree in a technical related field, such as Computer Science, Management Information Systems, mathematics, engineering, or Cybersecurity
• DoD 8570 Certification - IAM II
• U.S. Citizenship required