Hybrid Remote STIG REVIEWER #3877

Careers

  • US-Remote Located in DC/MD/VA
  • Cybersecurity & Intelligence
Apply Now

Company Overview

GovCIO is a team of transformers–people who are passionate about transforming government I.T. We believe in making a difference by developing digital strategies and delivering the technology-related innovation that improves governmental operations each day.

But we can’t do it alone. We welcome and nurture an inclusive and diversified work culture. Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators. We’re changing the face of I.T. – from our diverse staff to the end-products we develop. And we’re excited to expand our team. Are you ready to be a transformer?

Responsibilities

Correlates threat data from various sources to establish the identity and modus operandi of hackers active in client’s networks and posing a potential threat. Provides the customer with assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.

1.Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client.
2.Provides timely and actionable sanitized intelligence to cyber incident response professionals.
3.Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client’s security posture.
4.Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks.
5.Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership.

Qualifications

Bachelor’s with 5 – 8 years (or commensurate experience)

Required Skills and Experience

Seeking a DISA Security Technical Implementation Guides (STIG) auditor to support the Defense Counterintelligence and Security Agency (DCSA).

  • Active Secret clearance
  • Security + w/ce certification
  • Establishing and interpreting STIG requirements and system compliance with the STIGs
  • Coordinating the review and performing the actual evaluation of STIG implementations
  • Identifying mitigation and remediation for non-compliance with the STIGs
  • Developing plans and supporting the System Owners with mitigating any non-compliance findings
  • Strong background with the DISA STIGs, determining compliance, and recommending mitigations to include the implementation of controls
  • Detailed knowledge of Information Security Principles, Concepts, Practices
  • Strong Technical Writing Skills
  • Ability to work in MS Office/SharePoint environment
  • Experience with FISMA, NIST, OMB guidelines, and other Federal regulations and guidance
  • Develop, update, and/or review Risk Management Framework (RMF) documentation to include security plans, implementation plans, plans of action and milestones (POA&Ms), and risk assessment reports.
  • Demonstrated efficiency and experience in RMF package development, including mitigation statements (POA&Ms), security plans, risk assessments, system/site policies, procedures, and processes, architecture diagrams, and hardware/software inventories.
  • Review existing architectures to plan, deploy, and enhance secure solutions to protect the data within the environment.
  • Review existing security documentation and processes to provide areas of improvement.
  • Provide investigation and remediation support to mitigate security threats and incidents.

Preferred Skills and experience

  • AWS Cloud environment experience

#cjpost

COVID Policy: New employees will be required to adhere to the Company’s and its clients’ COVID-19 safety procedures. In the event that the COVID-19 vaccination mandate for Federal Contractors is enforced, you must become fully vaccinated or request and be approved for an exemption. Employees working onsite at a client location must comply with our client’s COVID-19 requirements.

GovCIO is a team of professionals who want to make a difference. And that can only happen with a diverse, happy, and cared-for team. So, we prioritize your well-being, equity for all and look for ways to make work a better place for each of us every day.

We are an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, ethnicity, religious affiliation, gender, gender identity or expression, sexual orientation, national origin, or disability status. EOE AA M/ F/Vet/Disabled

Apply Now

Not The Right Fit?

Is this not the job you’re looking for? That’s ok! We’ve got plenty of other opportunities for you to peruse. Search all of our open positions by your area of interest or location.

View All Jobs