CDM Engineers Job# JACDT0101
Location: NW Washington, DC
Clearance: Ability to attain a Public Trust
Agency: Dept of Treasury
The Continuous Diagnostics and Mitigation (CDM) program is a dynamic approach to fortifying the cybersecurity of government networks and systems. CDM provides federal departments and agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis, prioritize these risks based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first. Congress established the CDM program to provide adequate, risk-based, and cost-effective cybersecurity and more efficiently allocate cybersecurity resources. Seeking a Continuous Monitoring Security Engineer to join our growing team.
Position Responsibilities
-
Provide deployment support of products currently in the DOT environment or procured through the CDM program
-
Provide assistance to the DOT OCIO in implementing initial piloting and subsequent maturation of new products to an Initial Operating Capability (IOC)
-
Provide weekly reports and recommendations on the asset management, configuration management, patch management, and vulnerability management posture and performance of the enterprise
-
Assess the current cybersecurity architecture against all phases of the CDM program and identify gaps, analyze CDM priorities and metrics, develop strategic and transitional plans for DOT to incorporate new CDM capabilities, implement new CDM tool configurations to integrate them into the existing architecture, and support the development of the CDM dashboard and metrics
-
Provide SME support in the analysis, presentation, and reporting of DOT security information obtained as part of the CDM initiative and from continuous monitoring systems, identifying critical and high vulnerabilities
-
Provide assessment, planning, and implementation support to the DOT CDM program, consistent with OMB and DHS program requirements
-
Develop ad hoc CDM/CM reports on key metrics, white papers, position papers, and analyses
-
Support DOT in the remediation of security incidents, perform analyses on compromised assets, interview personnel, analyze incident information and activities to identify potential process improvements, and support training
-
Support the change and configuration management processes, developing presentations as appropriate, and providing recommendations to federal personnel on potential security risks
-
Provide support for the development and maintenance of office and team sites on the DOT SharePoint Intranet infrastructure
-
Establish client relationships; and ensure high-quality deliverables
-
Proactively prioritize project tasks and identify project issues and risks
Position Requirements
-
Minimum of 5 years of experience in federal IT and cybersecurity environment
-
Bachelor's degree in Computer Science, Engineering, Mathematics, Management Information Systems or equivalent degree
-
Experience implementing, configuring, and running reports using ArcSight, IBM BigFix, Splunk CounterACT, RES, RedSeal, and Tenable are preferred
-
Knowledge of, or experience with the DHS CDM program is preferred
-
Experience with developing IT security metrics to facilitate compliance with federal guidelines
-
Deep understanding of compliance requirements, standards, and guidelines governing security within the federal Government (e.g., FISMA, OMB memoranda, NIST publications)
-
Ability to support daily interaction with client management about day-to-day activities and strategic direction
-
Excellent oral and written communication skills targeted at a variety of technical and non-technical audiences
-
Documentation experience with Word, PowerPoint, Visio, Excel, Project, and SharePoint
-
Ability to bring innovative ideas and exercise professional judgment within defined business model, methodologies, and procedures
-
Industry certifications a plus
-
Candidates must be able to work on-site at federal agencies located in Washington, D.C. and must be able to obtain a U.S. federal public trust or pass a background investigation.
To apply send resume to Norris@FlexSR.com
Attn CMD (JACDT0101)