The Cybersecurity Process Engineer – Senior provides cybersecurity expertise and Service Management process guidance to support the Defense Information System Agency (DISA) technology infrastructure. Assesses system risks and facilitate remediation of security vulnerabilities. Using ITSM process experience, report on findings
and provide recommendations for corrective actions. Interface with governance teams in organization. Perform vulnerability assessments as assigned, utilizing IT security tools and methodologies.
Responsibilities:
Collaborate with internal and external SMEs and senior-level Government customers to determine the best courses of action in preparation for IT audits, risk assessments, and regulatory requirements.
Conduct cybersecurity research and analysis to support DISA's Configuration Control Board. Coordinate with government counterparts to support expert provisioning Remedy ITSM ticket management and customer support.
Execute Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS) scans to determine infrastructure vulnerability state and develop highly customizable reports for briefings to DISA's leaders
Configure, update, and manage Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS) in support of DES Operations
Coordinate with engineers to troubleshoot cyber issues to identify the problem root causes and provide solutions.
Conduct technical analysis and present findings on proposed DES changes; clearly articulate the rationale in favor of or recommendation for rejection against proposed changes
Analyze, Uses Government-provided IT Service Management (ITSM) tool to track key performance indicators such as assignment, completion, and timeliness
Recording and validating resolution with incident/problem owners IAW with the DES Incident Management SOP and the DES Security Management SOP is required prior to closing out trouble tickets.
Develop, edit, and update Security SOPs and TTPs for Operations
Responsible for reviewing regulatory security policies, as well as best practices, and develop the technical solution required to implement those requirements on servers, routers, firewalls, and other LAN/WAN
equipment
Strong experience with implementing configuration baselines and DISA STIGs Strong experience with vulnerability mitigation and patching
Reporting security incident status and progress to senor Government stakeholders Have flexible working hours to be available to support team when needed
Knowledge and Skills:
Excellent verbal and written communication skills
Ability to organize and facilitate planning and demonstrations
Ability to track, manage, and ensure project tasks are completed in a timely manner
Technical Knowledge
ServiceNow/Remedy ITSM
SolarWinds Network Configuration Monitor (NCM) System Center Configuration Manager (SCCM) Palo Alto Firewalls
ACAS HBSS
Education and Experience:
Bachelor’s Degree
6+ years of experience
Network or other Certifications needed or specialty experience:
ITIL v3 Foundation or advanced ITIL certifications such ITIL Intermediate Certifications in Service Lifecycle and/or Service Capability, & ITIL Practitioner are preferred
3 yrs ServiceNow/Remedy ITSM experience preferred
IAT Level II Security+CE (or appropriate DoDM 8570 Baseline Certification)
Clearance/Citizenship:
Secret
Must be US Citizen
Location: Fort Meade, MD