Cyber Security Specialist

Cherokee Nation Businesses
Bethesda, MD
$140K-$150K a year
Full-time

Job Description

Cherokee Nation System Solutions (CNSS) is seeking an experienced Cybersecurity Specialist to support Defense Health Agency Cyber Security Division (DHA CSD) operations at Walter Reed National Military Medical Center (WRNMMC).

This role involves integrating cybersecurity into programmatic processes, managing risk, and ensuring compliance with DoD security standards.

Candidates must have at least five years of experience in a DoD environment and hold a CISSP or equivalent certification.

Compensation & Benefits:

Estimated Starting Salary Range for Cybersecurity Specialist: $140,000 - $150,000.

Pay commensurate with experience.

Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice.

Cybersecurity Specialist Responsibilities Include:

  • Work with the designer to establish a hardware/software (HW/SW) inventory for the system; all HW/SW components associated with the system within the authorization boundary are within the scope of security responsibility.
  • Provide remote connected diagnostic access, coordinated with the Defense Health Agency Cyber Security Division (DHA CSD) and local cybersecurity, for connectivity support of installation, launch, and reinstallation when the hardware configuration meets the minimum system requirements for the software.
  • Provide means of accessing required software updates that have been approved through DOD Information Assurance (IA).
  • Integrate Cybersecurity (CS) into their programmatic processes, document decisions, specify and track CS requirements, document assessment efforts, identify possible solutions, and maintain operational systems security in accordance with (IAW) DoDI 8500.01, DoDI 8510.01, DoDM 8570.01, DoDM 8140.03, CNSSI 1253, NIST SP 800-53, and DoDI 8582.01.

  • Comply with the CS process in accordance with DoD 8510.01 Risk Management Framework (RMF) for DoD Information Technology (IT), Committee on National Security Systems Instruction (CNSSI) 1253, and the National Institute of Standards and Technology (NIST) SP 800-53.
  • Consult with the DoDIN APL and the National Information Assurance Partnership (NIAP) Evaluated Product List (EPL) during the design stage and component selection process to determine its applicability to the "SYSTEM".
  • Provide risk management framework (RMF) services for IT and IS subject to FISMA. The candidate shall follow NIST requirements for all Federal information systems other than those systems designated as national security systems as defined in 44 U.S.C., Section 3542.9. The tasks described in this section are in alignment with the six (6) steps outlined in NIST SP 800-37 Rev. 1, "Guideline for Applying the Risk Management Framework to Federal Information Systems, A Security Life Cycle Approach".

A comparison chart showing original requirements under NIST SP 800-37 and the updated NIST SP 800-37 Rev. 1.

  • In the case where NMCSD or another entity has already completed or started portions of an RMF effort, the Candidate shall continue the effort.
  • The Candidate shall follow the issue resolution process for any identified vulnerability or issue identified throughout the Risk Management Framework.

Issue resolution is used to communicate issues to key stakeholders and document risk-based decisions to include risk acceptance, correcting vulnerabilities and retesting, or creating a Plan of Action and Milestones (POA&M).

Issue resolution provides an audit trail, accelerates the RMF, and documents management accountability.

  • Scan and patch Windows servers, Windows desktops, Apple Mac, Ricoh and HP printers, Brocade and Cisco Ethernet switches, VMware servers, EMC and Nimble storage area networks (SANs) and miscellaneous network attached devices, wired and wireless.
  • Mitigate supply chain risk to the government by complying with DFARS redacted and only utilizing unified capability equipment identified on the DODIN Unified Capabilities Approved Products List (https://aplits.disa.mil/processAPList), unless granted a waiver in accordance with DODI 8100.04, DOD Unified Capabilities (UC).

Provide updated Nessus scans within ten (10) days of a request from the Government POC until an ATO is granted or the product is added to the DHA APL.

Remediate or mitigate any findings discovered as a result of the Nessus scans.

Performs other job-related duties as assigned

Cybersecurity Specialist Experience, Education, Skills, Abilities requested:

  • Must have at least five (5) years of in-depth expertise in applying cybersecurity/Information Assurance (IA) principles in a DoD environment.
  • Must possess a Certified Information Systems Security Professional (CISSP) or DoD-approved equivalent certification
  • Must possess mastery of (and skill in applying) the DoD/DHA IT architecture, interrelationships among multiple IT specialties, new IT developments and applications, emerging technologies, and their application to business processes, IT security concepts, standards, and methods, project management principles, methods, and practices; and oral and written communication techniques sufficient to serve as a subject matter expert in cybersecurity/IA and manage assigned IT projects and program.

This mastery must be demonstrated through experience and training.

  • Must possess mastery of (and skill in applying) total infrastructure protection environment; system security certification and accreditation requirements and processes; and Federal information systems protocols in order to integrate information systems security with other IT and security disciplines, manage network and systems accreditation, and ensure coordination and collaboration on a wide range of security activities.

This mastery must be demonstrated through experience and training.

  • Must possess mastery of a wide range of IT and cybersecurity concepts, principles, and practices required to plan, direct, and evaluate Information Security (IS) programs for Automated Information Systems.

This mastery must be demonstrated through experience and training.

  • Must have the ability to coordinate and conduct surveys, inspections, and assistance visits that improve the level of security.
  • Must have the ability to qualify for and maintain an IAT Level II position as defined in DOD 8570-01-M. One or more of the following certifications are required: CompTIA Security+, GSEC, SSCP, or CCNA-Security.
  • Must pass pre-employment qualifications of Cherokee Federal

Company Information:

Cherokee Nation System Solutions (CNSS) is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses.

As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart.

To learn more about CNSS, visit cherokee-federal.com.

Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Keywords:

  • Cybersecurity
  • Risk Management Framework (RMF)
  • DoD Information Assurance (IA)
  • CISSP Certification
  • Network Security

Similar Job Titles:

  • Information Security Analyst
  • Cyber Defense Specialist
  • IT Security Engineer
  • Information Assurance Specialist
  • Network Security Administrator

Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.
