SeKON
Information Technology Security Manager (REMOTE)
SeKON, Reston, Virginia, United States, 22090
SeKON is looking for an Information Technology Security Manager to join our talented and innovative team supporting the Defense Healthcare Agency and its Global Nurse Advice Line (GNAL) program. The mission lifecycle of GNAL is to competitively acquire, test, deliver, and successfully transition to a state-of-the-market Global Nurse Triage Service for Defense beneficiaries around the world at any time.
With over 20 years of experience, SeKON specializes in providing large-scale health IT programs in support of federal government customers including the Centers for Disease Control (CDC), Centers for Medicare and Medicaid Services (CMS), Defense Health Agency (DHA), and National Institutes of Health (NIH). Our vision: "To be the premier management and technology consulting firm providing solutions that improve quality of life and work".
The Senior Information Assurance/Cyber Security Specialist reports to the Program Lead. Required and desired skills include:
REQUIREMENTS:
10+ years of specialized Information Assurance with government (public sector) IT systems
DoD 8570 certifications for Information Assurance Management Level II (at minimum, CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO)
Bachelor's Degree or equivalent government or private-sector work experience
Current ISC2 CISSP certification
Experience in:
Executing NIST, DISA, and DoD Security Standards and Risk Management Framework (RMF) processes
Working and documenting Risk Management Framework processing with end results achieving an Authority to Operate (ATO) with zero policy rejections
Hands-on cyber security management using the Governance, Risk, and Compliance tools
Network security, continuous monitoring, system auditing, and security policy development
Compliance scanning tools (Nessus, Wireshark, Fortify); running scans, evaluating results, and determining remediation steps
Writing POAMs, including detailed justifications for program-required non-compliant items
Thorough understanding of and experience with the Federal Information Security Management Act (FISMA)
Vulnerability remediation activities, scanning and analysis, and STIG/Manual Checklist auditing
Strategic planning, policy development and preparation of executive presentations
Identification of risks, gaps and opportunities with specialized experience providing oversight of projects to ensure that developed solutions meet customer requirements
Ability to work multiple projects concurrently within deadlines while ensuring that complex information is conveyed in a clear, accurate, and concise manner under normal and crisis situations
Skill in the use of various types of office automation, to include Microsoft Suite (PowerPoint, Word, Excel, Visio, Project and Access)
Superior verbal and written communication and customer service skills, including presenting to senior government officials
Ability to work collaboratively and proactively with customers and program office members in a multi-vendor environment
Serve in a variety of ad hoc roles, to include participating in and contributing to proposal efforts and hiring processes
Developing and presenting brown bags to present across program offices for continuous process improvement
DESIRED SKILLS:
Special consideration for:
Additional 8570 certifications such as CCNA Security, CySA+, CISSP, GICSP, GSEC, Security+ CE, CND, SSCP, AWS Cloud Certified Security (Specialty)
Advanced Cloud Security Services (container/FedRAMP), Web Applications, Security Architecture, Relational databases
Experience in DoD Healthcare IT and/or electronic health record (EHR) systems
DMDC DEER IWS Service
Cerner Millennium EHR
Interoperability with other defense agencies including VA (VISTA) and Defense Information Systems Agency (DISA)
Knowledge of:
Industry best practices such as ISO, CMMI, Lean Six Sigma, and agile scrum
System Development Lifecycle (SDLC) Requirements, use cases, release management, testing, risk management, change management, and configuration management experience
Installing, managing, maintaining, administering, and troubleshooting applications, and documenting technical guides
Software Development and Documentation Standards (SDDS)
Department of Defense (DoD) Acquisition lifecycle-working in major acquisition
Program/system(s) adherence with DoDI and DoDD