Jobs · OTHR · Maryland

Subject Matter Expert (Secure the Enterprise)

Amentum · Linthicum, MD · 2 wk ago
On-siteOTHRFull-time

Essential Responsibilities

  • Serve as Lead Technical Advisor for the Secure the Enterprise (STE) and Zero Trust (ZT) initiatives, working one-on-one with the Government Division Chief and Technical Director and Deputy Authorizing Official to advise on STE/ZT strategies, policies, and performance
  • Brief the Chief Information Security Officer and Chief Information Officer on STE data, trends, updates, and changes
  • Converse, analyze and advise on STE areas of concern to include Transport Layer Security (TLS) versions and cipher suites, Network Flow data (NetFlow and its variants), configuration of network devices, audit data logs (syslog and variants) collection and analysis, user activity monitoring, and other technical areas
  • Aid system personnel across the enterprise to maintain the appropriate operational security posture in accordance with STE compliance regulations, policies and playbook guidance for their assigned systems, programs, and/or enclaves
  • Provide guidance and technical expertise on all STE requirements that impact or affect the security compliance of the information system
  • Assist in the development and execution of an enterprise level STE compliance program that facilitates RMF continuous monitoring to minimize security risks and ensure compliance with that program on a routine basis
  • Manually review submitted evidence and justifications for manual compliance validations, determinations of applicability and exceptions for all STE security controls
  • Based on your review, make recommendations to leadership for approval or rejection of requests for exceptions from STE security requirements
  • Based on your review and written guidance, approve, or reject requests for manual validation or determination of applicability
  • Work with information system personnel to troubleshoot and correct rejected requests for manual compliance validation, determinations of applicability and exceptions
  • Review automated STE compliance data for errors or inconsistencies and report findings to leadership
  • Assess the effectiveness of general IT and specific STE security controls on an ongoing basis to determine the STE program’s effectiveness
  • Maintain, develop, and enforce STE security policies, implementation guidelines and customer training for information system personnel in diverse operational environments
  • Cook with software developers to recommend changes, develop system requirements, and test new implementations

Minimum Requirements (Knowledge, Skills, and Abilities)

  • Demonstrate a high-level of independent thought, action and judgement
  • Demonstrate a high-level of problem solving and solution development to include designing and developing full-stack data analysis solutions in Python and Django in a Linux server environment, and ability to maintain current applications
  • Self-motivated, independent, detail-oriented, responsible team player
  • Experience briefing and working with the highest levels of government agency leadership
  • Develop cross-organization and interagency relationships and maintain them over time
  • A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37
  • Knowledge of cloud architecture and cloud service providers
  • A working knowledge of Customer enterprise tools and solutions
  • Ability to effectively communicate with customers of various skill levels to resolve compliance issues
  • Ability and willingness to perform deep dive analysis on customer issues to resolve their compliance challenges
  • Experience with hardware/software security implementations
  • Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services
  • Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance
  • Experience creating and presenting documentation and management reports

Clearance Required

TS/SCI

Minimum Education

A master’s degree plus twelve (12) years Or a bachelor’s degree plus fourteen (14) years of related work experience

Preferred Qualifications

  • Familiarity the Secure the Enterprise program and the Zero Trust Initiative
  • Experience working in a help desk environment with the ability to maintain professionalism under strenuous circumstances
  • Should be committed to continuous learning and system development because of the constant developing nature of cyber attacks
  • The ability to quickly learn new concepts, data formats, software and operating environments
  • Advanced knowledge of Microsoft Office products, especially the ability to create formulas in Excel spreadsheets to perform data analysis tasks and professional presentations in PowerPoint
  • Competency in Visual Basic for Applications (VBA)
  • Familiarity with the ICD503, CNSSI1253, SP800-53, etc.

Compensation Details

$220,000 - $250,000

Benefits Overview

  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retail benefits (including 401(k) matching)
  • Education reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance

Other Responsibilities

Safety - Amentum enforces a safety culture whereby all employees have the responsibility for continuously developing and maintaining a safe work environment. As appropriate, each employee is responsible for completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams.

Quality - Quality is the foundation for the management of our business and the keystone to our goal of customer satisfaction. It is our policy to consistently provide services that meet customer expectations. Accordingly, each employee must conform to the Amentum Quality Policy and carry out job activities in compliance with applicable Amentum Quality System documents and customer contracts. Each employee must read and understand his/her Quality Management and Customer Satisfaction responsibilities.

Procedure Compliance - Each employee must read, understand and implement the general and specific operational, safety, quality and environmental requirements of all plans, procedures and policies pertaining to his/her job.

Similar jobs