Sr Policy Strategist and Architect and Cybersecurity Engineer

Job Title: Sr Policy Strategist/Architect and Cybersecurity Engineer
Location: Arlington, VA
Terms: Full-time
Requirements: Must be a U.S. Citizen with Active Security Clearance

About the Role **

Multiple mid-to-senior level roles available in the Facility Technology Division (FTD) and Emerging Technologies Division (ETD), as part of the Technology, Innovation, and Engineering (TIE) office.

FTD evaluates technical and cyber vulnerabilities affecting Department personnel, information, and global diplomatic facilities (e.g. current information infrastructure, Internet of Things (IoT), Building Automation Systems (BAS), and Telematics, etc.).

ETD supports the secure adoption of new technologies throughout the Department. ETD evaluates and analyzes the security of emerging technology at the enterprise level.

Current Position Openings:

• Sr Policy Strategist/Architect (FTD)
• Cybersecurity Engineer (ETD)

Target Salary Ranges from $90,000 - $160,000

Sr Policy Strategist/Architect responsibilities:

• Execute the planning, design, development and implementation of policies and procedures associated with cyber security and the evolving technological landscape.
• Determine the impact of changes to the Department’s IT environment, to include use of new and emerging technology, software, hardware, and firmware; develop technical rationale for policy and standard changes.
• Review, assess, and create Policy impact reports on the impact of new or revised National Level and Departmental policies and regulations affecting DOS cyber security policies, standards and/or CTS programs or operations.
• Identify and diagnose operational issues and implement design alterations based on policy trends and reports.
• Recommend changes to DOS cyber security policies, standards, and/or CTS programs or operations to comply with new or revised National Level and Departmental policies and regulations.
• Make recommendations for, and coordinate clearances of unattended IT operations at Critical Threat posts.
• Participate in intra-agency policy working groups.
• Develop processes for policy task automation; support user related system development life cycle activities, to include requirements definition, functional design, and user acceptance testing.
• Produce weekly, monthly, and quarterly updates and deliverables to the customer detailing the teams work efforts, accomplishments, and gaps.
• Review the current organization of the ET Division for opportunities for collaboration on specific priority objectives. Create a growth plan with the Customer to determine areas that require additional integration.
• Understand and unify the non-Peraton contract organizations technical capabilities into alignment for the overall Office.
• The following are the current technical needs that require additional lift: Work with the ETD CSS Liaisons to improve visioning on their mission and activities understanding the trade space of non-mapped PWS requirements or new mission directives.
• Work with external organizations to collect requirements that ET can fill to better focus prioritization of work activities.
• Provide business consulting (requirements collection) in FTD for future Applications so that we can get a head start in growth on the ADWS organization.
• Develop a quarterly report of emerging technical trends that DS will need to mature; similarly, develop a quarterly report for FTD on cyber/communications controls that impact security of Posts.
• Additional planning advice to the IET, to migrate the organization to a focused security and technology innovation center.
• Assist the Policy Division in developing mission requirements to build an updated FAM/FAH that is relevant to new NIST 800-53 revision standards.
• Develop an understanding of the current stakeholder lists necessary across State and supporting offices including IRM, CTS CTO, and CIO.

Qualifications: Basic Requirements:

• Bachelor’s degree and a minimum of 9 Years experience; 7 Years with Masters; 4 Years with PhD. An additional 4 years of experience may be substituted in lieu of degree.
• Possess ONE of the following certifications or be able to obtain within 6 months of start date:
• CASP CE, CCNA Cyber Ops, CCNA-Security, CCNP Security, CEH, CFR, CISA, CISSP (or Associate), Cloud , CySA ,, GCED, GCIA, GCIH, GICSP, SCYBER, VCA DCV, PPDA, Agile IC, or SNOW App Dev
• Experience monitoring and responding to inquiries on cyber policies and standards.
• Demonstrated technical and administrative support of cyber security policy.
• Experience examining requests and making recommendations for the development/approval of waivers/exceptions to policies and standards.
• Familiar with NIST 800-53 Risk Management Framework.
• Experience with Policy development.
• U.S. citizenship required.
• Ability to obtain interim Secret clearance prior to start date.
• The ability to obtain a final Top Secret/SCI security clearance.

Cybersecurity Engineer Responsibilities:

• Support the Security Standards & Baselines (SSB) section within the Technology, Innovation, and Engineering (TIE) Office.
• Identify and provide solutions to enhance and/or streamline processes and automate work flow.
• Need to have a strong technical background and expertise in various areas of cybersecurity.
• Promote awareness of security issues among management and ensure sound security principles are reflected in organizations’ visions and goals.
• Communicate complex security concepts to both technical and non-technical stakeholders, including senior management.
• Possess strong problem-solving and decision-making abilities to guide the organization in making informed security decisions.
• Perform extensive research and documentation of security threat vectors.
• Provide guidance and coaching to team members.
• Create bulletins, alerts, and/or advisories related to published or developmental standards and/or security principal documents.
• Ensure that rigorous application of information security/information assurance policies, principles, and practices are implemented in the delivery of all IT services.
• Evaluate a wide array of existing, new, modified, and/or emerging technologies and develop recommended security configuration baselines documents that implement Departmental policy, technical security solutions, and industry best practices in alignment with Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) as much as possible.
• Respond to various technical and policy questions from a wide range of customers/users with guidance and clarifications.
• Promote awareness of cybersecurity standards and principles among the customer stakeholders, coworkers, and the Department users.
• Collaborate with fellow team members and various internal and external stakeholders to share information and knowledge to establish and maintain a productive line of communication.
• Streamline processes to improve efficiency of Mission goals.
• Manage information and updates in SharePoint repositories.
• Keep awareness of items involving fellow team members to provide back up support and coverage as needed.

Qualifications: Basic Requirements

• Bachelor’s degree and a minimum of 5 years’ of relevant experience. An additional 4 years of experience will be considered in lieu of degree/education.
• Either possess or obtain prior to start date ONE of the following certifications:
• CAP, CASP CE, CCISO, CCNA-Security, CISM, CISSP (or Associate), CISSP (or Associate), CND, CSSLP, CySA , GICSP, GSEC, GSLC, Security CE, SSCP, PPDA, Agile IC, SNOW App Dev
• Experience with DISA STIG - Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG).
• Experience developing and executing research plans.
• Experience working with Windows Server on an enterprise level.
• Experience managing Active Directory in a multi-domain environment.
• Experience working with server/application virtualization on an enterprise.
• Demonstrated excellence in business acumen, team orientation and strong customer service skills.
• U.S. citizenship required.
• Active Secret security clearance.
• Ability to obtain a final Top Secret security clearance.

Desired Requirements

• Experience with process automation highly desired.
• Technical writing skills.
• Engineering/maintaining database infrastructure including SQL and Oracle.
• Active Directory Federation Services (ADFS), Azure, Active Directory.
• Developing and managing virtualized IT systems.
• Networking technologies.
• Configuration and/or administrating enterprise mobile device deployments.
• Experience working with Red Hat Enterprise Linux servers on an enterprise level.

About us:

Cyber Management International Corporation is actively recruiting highly IT Security professionals looking for challenging, exciting work in support of the U.S. Department of State (DOS). Specifically, our customer is the Bureau of Diplomatic Security (DS), Directorate of Cyber and Technology Security (CTS). DS/CTS is a center of excellence that brings together cybersecurity, technology security, and investigative expertise as a unified security capability focused on solving critical and emerging issues enabling the State Department to fulfill its vital global mission.

For more information about our company, please visit www.cybermgt.com or email us at recruiting@cybermgt.com

Job Type: Full-time

Pay: $90,000.00 - $160,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Vision insurance

Schedule:

• Day shift
• Monday to Friday

Security clearance:

• Secret (Required)

Ability to Commute:

• Arlington, VA 22209 (Required)

Work Location: In person

Salary : $90,000 - $160,000