As the Cyber Security (Lead) on our Defense Threat Reduction Agency (DTRA) Defense Stockpile Management Systems Support (DSMS) team you will collaborate to assure DTRA’s mission to collect, collate, analyze, and disseminate nuclear weapons or related materials information to maintain the national nuclear weapons stockpile database and ensure 100% accuracy.
This program provides the support required for maintaining, modifying and enhancing all Defense Threat Reduction Agency (DTRA)-managed nuclear weapons applications for stockpile accountability management and related databases/systems to include Defense Integration and Management of Nuclear Data Services (DIAMONDS), the cryptographically isolated, Secret//Restricted Data system of record, and the CUI (controlled unclassified information) design/development application, Joint Application Design Environment(JADE), as well as their constituent networks, sub-systems, and applications collectively referred to as the Defense Stockpile Management Systems (DSMS)
Location: Position to be located at either Springfield VA (Ft Belvoir) or Albuquerque NM (Kirtland AFB). (Some Telework may be an option during the COVID Pandemic).
The Cybersecurity Lead will lead a team of cybersecurity technicians, analysts, and engineers who provide security engineering and management planning, design and implementation using standard Government processes and application like ACAS HBSS and RMF, while following DISA STIG Requirements and DoD IA Standards.
Specific tasks include, but are not limited to:
- Provide Security Engineering to include all design and development necessary to ensure DSMS systems are fully compliant with applicable security requirements to meet DTRA and other organizations’ Assessment and Authorization (A&A) standards.
- Develop and implement a capability to perform audit logging of security relevant events, including those occurring in the application(s), operating system(s), Database Management System(s) (DBMS) and services to log audit records.
- Exercise Nessus vulnerability and compliance scanning tools to maintain vulnerability management service.
- Update Linux servers and software IAW DISA releases
- Meet DOD requirements for vulnerability mitigation timelines and use of POA & Mfor prioritization
- Maintain an active program to monitor, evaluate and install all Information Applying Assurance Vulnerability Alert (IAVA) updates.
- Provide security management to include access control, encryption/decryption, key management, risk analysis, management of security assets, and assessment and prevention of security threats.
- Provide data and system integrity and the physical security of the network.
- Authoring and maintaining the System Security Plan (SSP), hardware and software baseline, system/network diagrams, maintaining the POA&M and other RMF requirements
- Prepare, completing, updating, and maintaining site A&A packages for DTRA.
- Develop a system-level Continuous Monitoring (CM) strategy (maintaining ongoing awareness of information security, patches, vulnerabilities, threats, policies, standards, validate system applications, operating system(s), database management system(s) and components under the NIAP Common Criteria Evaluation and Validation
- Administering and maintaining HBSS servers and clients to include operating systems, patches, STIG compliance, resolve ePO server issues, and manage authorized data transfer officers.
- Engineer, and implement, administering Security Information and Event Management (SIEM)
- Bachelor’s degree in science, engineering, or a related field with 15 years of experience(4 additional years of relevant experience substitutes for a BS).
- Must have a current IAM Level III certification( e.g CISM or CISSP (associate).
- Working knowledge of nuclear weapons accountability practices / procedures reporting in a DoD Nuclear Weapons Accountability role or similar relevant experience.
- Ability to travel overseas in support of the DTRA mission as required.
- Strong written and verbal communication skills.
- Proficiency in the Microsoft Office suite, e-mail, and telework software.
- U.S. citizen with an Active Secret security clearance
- Active Top Secret and SCI eligible
- Understanding and experience working within the DTRA Nuclear Enterprise, or other DTRA programs
- Prolonged periods of sitting at a desk and working on a computer
- Must be able to lift 10-15 pounds at times