ActioNet is seeking a qualified Cybersecurity Subject Matter Expert (SME)/Project Manager in support of the State Department Bureau of Security and Technology. The SME/PM is responsible for leading an effort to obtain Authorization To Operate (ATO) for Applications and Systems at DS. He/She will need to work closely with product owners, technical staff and associates in the IT security area to guide the process, and will be responsible for a combination of project management and technical writing to develop the System Security Plan (SSP) and document the implementation of security controls.
To achieve this, he/she must demonstrate relevant domain expertise in Cybersecurity and Project Management and successfully translate best practices into guidance for team members, System Security Plans, POAMs, board submissions, and other ATO-related documents and efforts.
Duties and Responsibilities:
* Responsible for leading the project and providing oversight and subject matter expertise to the team
* Responsible for documenting solutions for protecting the confidentiality, integrity and availability of sensitive information.
* Provides technical evaluations of customer systems and assists with making security improvements.
* Leads or facilitates major portions of large or medium projects / tasks, or provides sole support for small projects / tasks
* Provides IT security guidance in the areas of system engineering; risk management; system authorization; critical infrastructure continuity and contingency planning; security awareness and training.
* Writes technical volume and compliance documentation for System Security Plans and associated documents.
* Familiar with statutes, regulations, and current Dept. of State and NIST guidance with respect to establishing and maintaining a Cybersecurity program.
* Ability to take large volumes of complex information and present it in a clear and concise manner to senior management.
* Excellent verbal and written communication skills, attention to detail, and resourcefulness
* At least 8 years of directly related experience is required
* Professional cyber security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), SANS Global Information Assurance Certification (GIAC) or equivalent a plus
* Dept of State Secret clearance
* PMP certificate Desired (at least three of the following):
* Familiarity with the Dept. of State security framework
* Cybersecurity policy, planning and reporting experience
* Awareness and experience with Executive Orders, National Institute of Standards and Technology (NIST), and CNSS requirements, reporting, standards, guidelines, processes and toolsets
* NIST Cybersecurity Framework
* NIST Risk Management Framework
* Federal information system security lifecycle approach, including assessment, authorization, and monitoring programs
* Strong understanding of wired and wireless communications systems and networks
* Experience using Xacta, eMASS or similar information assurance workflow tools