T-Rex Solutions is seeking a qualified and experienced Cybersecurity Program Lead to join our growing team. T-Rex Solutions is a premier mid-sized federal IT consulting organization specializing in large systems integration, cloud engineering and cybersecurity services having performed over $1B in prime contracts to the federal government. This individual will support and lead cybersecurity operations on the National Air and Space Intelligence Center (NASIC) Communications and Enterprise Information Technology (COMET) program with work performed at Wright Patterson AFB.
Responsibilities:
Support the NASIC Cybersecurity team, facilitating the assessment and authorization (A&A) and continuous monitoring of approximately 65 operational national security systems within NASIC in accordance with Intelligence Community Directive 503, National Institute of Standards and Technologies 800-Series Publications, Committee on National Security Systems Instructions, and the Risk Management Framework.
Support the NASIC Cybersecurity Branch, NASIC Information System Security Managers (ISSMs), and Information System Security Officers (ISSOs) in the oversight and execution of organization-wide Cybersecurity programs through the creation, maintenance, and delivery of policy, process documentation, and training.
Provide analytical support and risk assessment for output from cybersecurity capabilities such as endpoint security, audit logs, and vulnerability scanning
Produce, request, and collect required information to accurately communicate the status of operational system authorization packages, track system packages progress within the Xacta workflow, update system status within branch internal database. Create reports as necessary to provide leadership situational awareness of the ATO status of all systems.
Track significant events, as required, such as Service Requests, Incident Reports, and open CSRDs (IT requirements). Maintain a help desk function for cybersecurity-related trouble tickets, ensuring all tickets and requests are assigned to the appropriate SME, tracked and reported, and resolved.
Review, update, maintain, and create, when needed, Cybersecurity policy documents and Standard Operating Procedures to establish and maintain proper oversight of organizational Cybersecurity programs. Develop communication plans and training to accompany policy and procedures when required.
Evaluate, conduct process-improvement analysis on, propose improvement strategies for, and implement streamlined processes for all Cybersecurity branch functions: Assessment & Authorization (A&A), defensive cybersecurity functions, and TEMPEST/EMSEC. Appraise policies and requirements governing these processes and ensure compliant repeatable processes are developed, documented, and implemented.
Assist with the identification and tracking of applicable hardening guidance such as DISA STIGs and vendor-provided hardening guides. Assist with the interpretation and application of hardening requirements when required.
Ensure Cybersecurity processes integrate with NASIC configuration management processes and, as part of a team, evaluate and acquire approval for changes to authorized systems
Assist with the development, tracking, reporting, and completion of System and Program Plans of Actions and Milestones (POA&Ms) to resolve either self- or externally-identified deficiencies. Document and track unmitigated vulnerabilities and approved exceptions to policy.
Support RMF system assessments and security/cybersecurity inspections. Produce security assessment reports and/or inspection reports as required.
Analyze, interpret, and create actionable information from the output of enterprise cybersecurity capabilities such as the Security Information and Event Management (SIEM) tool, endpoint security, network boundary protection, network intrusion detection, vulnerability scanning, and Security Content Automation Protocol (SCAP) compliance scanning.
Assess the risk from individual vulnerability and threat events as well as the overall enterprise risk and propose mitigations to reduce residual risk. Incorporate data from all available sources to support NASIC continuous monitoring and risk assessment. Develop and present risk scoring in accordance with NIST guidance and best practices.
Requirements:
Bachelor's Degree and 10+ years of related professional experience
Top Secret Clearance (SCI eligible)
Possess and maintain Information Assurance Management (IAM) Level I certification as required by Air Force Manual (AFMAN) 17-1303, Department of Defense (DoD) Directive 8140.01, and DoD 8570.01-M
2+ years experience managing Cybersecurity/Information Assurance programs within the DoD or IC
Training, experience, or formal education in the accreditation of DoD or IC information systems under the RMF
Desired Skills:
Training, experience, or formal education in the Capability Maturity Model Integration (CMMI), Information Technology Infrastructure Library (ITIL), or Information Technology Services Management (ITSM) Methodologies is desired
T-Rex Overview
Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing data-centric mission services to the Federal government as it increasingly tries to secure and leverage the power of data. We design, integrate, secure, and deploy advanced technical solutions for our customers so they can efficiently fulfill their critical objectives. T-Rex offers both IT and professional services to numerous Federal agencies and is a leader in providing high quality and innovative solutions in the areas of Cloud and Infrastructure Services, Cyber Security, and Big Data Engineering.
T-Rex is constantly seeking qualified people to join our growing team. We have built a broad client base through our devotion to delivering quality products and customer service, and to do that we need quality individuals. But more than that, we at T-Rex are committed to creating a culture that supports the development of every employee's personal and professional lives. T-Rex has made a commitment to maintain the status of an industry leader in compensation packages and benefits which includes competitive salaries, performance bonuses, training and educational reimbursement, Transamerica 401(k) and Cigna healthcare benefits.
T-Rex is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors.
