Cyber Security Supervisor - Colorado Springs, United States - New Directions Technologies Inc.

    New Directions Technologies Inc.
    New Directions Technologies Inc. Colorado Springs, United States

    1 month ago

    Default job background
    Description

    Responsibilities/Duties:

    • Provide direction and guidance to a team of junior to senior level cyber security experts responsible for the cybersecurity operations of complex networked and standalone IT systems
    • Keep informed of currently approved standards, codes, and procedures applied to cybersecurity specialty
    • Oversee multiple system packages throughout the Authorization to Operate (ATO) process
    • Maintain overall schedule and track all ATOs in development and in Continuous Monitoring (CONMON) stage
    • Provide technical expertise and mentoring to other members of the cybersecurity team to accomplish assigned tasks
    • Interface with senior government and JT4 leadership to keep them up-to date on the progress and status of ATOs and security posture of IT systems
    • Be primary interface between the Authorizing Official (AO) and the Security Control Assessor (SCA) for coordination of ATO packages
    • Conduct research and reference reading in obtaining technical information
    • Perform systems engineering activities in the areas of Cybersecurity / Information Assurance (IA) / System Security Engineering (SSE) and security assessment and authorization (A&A) in accordance with NIST SP RMF
    • Apply risk management concepts to mitigate vulnerabilities in system security architectures
    • Interface with the Information System Security Manager (ISSM), program managers, system stakeholders, and external contractors to coordinate cybersecurity requirements and architecture flow down from the system level to individual elements of the system
    • Assist in preparation of reports, correspondence, or technical studies
    • Provide Subject Matter Expert (SME) input into the Engineering Review Board (ERB)
    • As an Information System Security Manager (ISSM) sit on the Configuration Control Board (CCB) as a veto authority to recommend changes into system authorization boundaries
    • Assist in the development of Statements of Work (SOW) for issuance to possible vendors under the JTECH-II contract
    • Provide guidance and direction to sub-contracts and preferred vendors on cybersecurity requirements related to scopes and contracts
    • Assist the government customer with establishing cybersecurity procedures and policies that support and secure operations across multiple disciplines
    • Provide SME input to all projects or assign an appropriate representative to the task
    • Oversee a team of various disciplines, including Information System Security Officer (ISSO), ISSM, system admins, network admins, network engineers, and IT systems engineers.
    • Provide professional career guidance and mentorship to ensure employees and team members flourish
    • Provide oversight and management of differing circuit requests

    Experience/Education:

    • A master's degree in Computer / Information Technology, or equivalent academic/technical training/certification;
    • 10+ years of experience in computer systems security with 5 years of management experience, and/or related area of expertise
    • Cybersecurity Service Provider certifications within DoD M within the designated timeframe upon hire date; and a minimum of the following certifications: CISM, CISSP, GSLC, or CCISO are required for this position
    • Additional desired certifications: CEH (Master) or CERP and Project Management Professional (PMP)
    • Subject matter expert-level experience supporting various system configurations such as standalone, local area networks (LANs), and wide area networks (WANs)
    • Demonstrated experience with Risk Management Framework (RMF) process, eMASS, ACAS, SCAP, STIG, Cyber Risk Assessments (CRA), Cyber Table top (CTT) or related process
    • Robust conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services
    • Demonstrated experience formulating and/or interpreting cyber threat analysis of adversary techniques, tactics, and procedures used to disrupt computer networks
    • Demonstrated experience with planning, designing, executing, and assessing discussion-based exercises
    • Demonstrated ability to plan, organize, and work under strict deadlines

    Additional Experience Desired

    • Experience with SAP and JSIG requirements
    • Experience with all steps of the RMF process
    • experience with eMASS and XACTA
    • Must be able to speak publicly and provide briefings to high-level government customers as requested
    • Experience in the generation of all required documentation for an RMF package. To include SSPs, DRPs, IRPs, and other required Body of Evidence requirements
    • Experience in managing large inventories of materials such as workstations and servers