Cybersecurity Assessment & Authorization [2021-150]

EC TO - 2

Mid-level Cybersecurity

Required Skills:

• Computer networking concepts, protocols, and security methodologies

• Risk management processes (e.g., methods for assessing and mitigating risk)

• Cybersecurity threats and vulnerabilities

• Data backup and recovery

• Business continuity and disaster recovery continuity of operations plans

• Host and network access control mechanisms

• Cybersecurity best practices used to manage risks related to the use, processing, storage, and transmission of information or data

• Risk Management Framework requirements

• Current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities

• Network traffic analysis methods

• System and application security threats and vulnerabilities

• Server administration and systems engineering theories, concepts, and methods

• System life cycle management principles, including software security and usability

• Information security program management and project management principles and techniques

• Current and emerging threats or threat vectors

• System administration, network, and operating system hardening techniques

• Personally Identifiable Information (PII) data security standards

• Laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures

• Integrate information security requirements into the acquisition process; using applicable baseline security controls; ensuring a robust software quality control process; and establishing multiple sources

• Assess RMF artifacts and identify errors, omissions, and inaccuracies

• Identify critical infrastructure systems with information communication

• Conduct, review, and assess the results of security audits and A&A packages

• Develop and deliver requirements documentation

• Analyze, collate, organize, report on, respond to, and develop solutions to threats, risks, and exposures of DoD networks

• Communicate complex technical and programmatic information, concepts, or ideas in a confident and well-organized manner

• Ability to coordinate Project Team meetings

• Demonstrate understanding and implementation of risk analysis, generating risk reports, and providing recommendations for risk mitigation

• Understanding of current DoD Acquisition Policy

• Required Certifications IAW DoD 8570.01-M

Bachelor Degree; an Associate Degree plus 4 years work experience may be substituted for a Bachelor Degree

3-10+ years

Buckley AFB, CO

Top Secret/SCI



U.S. Citizenship Required. An Equal Employment Opportunity employer. Please visit Equal Employment Opportunity link below for further information.
Equal Employment Opportunity Information