RB Consulting Inc
Cybersecurity Specialist
RB Consulting Inc, Fredericksburg, Virginia, us, 22403
Cybersecurity Specialist 49-05-8013
Fort Detrick, Maryland
RB Consulting, Inc. ("RBCI") is a company that truly believes that workforce diversity is a major contributor to success. Since its inception, RBCI has made a concerted effort to attract and recruit talented individuals from all walks of life.RBCI is a Service-Disabled Veteran-Owned Small Business (SDVOSB) providing information technology (IT) services andsolutions, and professional services to commercial businesses, the Department of Defense (DoD), and other federal agencies.
We provide exceptional management and technology solutions that deliver practical and innovative results to our clients. With experience in project management, software design and development, systems integration, business analysis, testing, logistics operations, and financial management solutions, RBCI specializes in delivering custom applications that leverage commercial off-the-shelf (COTS) products. At RBCI, we pride ourselves in providing our clients with superior solutions and services that result in more than simply meeting mission requirements; we strive to solve their toughest problems while exceeding their expectations in responsiveness and flexibility.
RBCI provides generous benefits to our employees, including health/dental insurance, short-term/long-term disability, and a 401(K)-retirement plan, in addition to a highly competitive salary.
For more information, please visit us at www.rbci.com.
Position Summary
RBCI is seeking Cybersecurity Specialists to support the Integrated Clinical System PMO's mission to develop, manage and perform end to end life cycle logistics on medical equipment to protect and sustain the Warfighter's and their families for the Nation. The Cybersecurity Specialist will work directly with DoD and vendors running tests and evaluations on their medical equipment operating systems that will be sitting on the DoD network validating that the systems meet the DoD Risk Management Framework (RMF) requirements ensure the system is not vulnerable to inside and outside threats. This position is hybrid and supports the Fort Detrick, MD location (Contractor office within 10 miles of Fort Detrick).
(Military Veterans are highly encouraged to apply)
Duties and Responsibilities
This position is responsible for working with RBCI's team supporting our DoD customer toensure the appropriate administrative, physical and technical information security safeguardsare implemented across a portfolio of deployed military medical devices.Under general guidance of the Team Lead and the client, the incumbent will conduct informationsecurity assessments and testing to ensure the proper implementation of security controlsacross the environment. This includes populating defined security/risk assessments, identifyinggaps and compensating controls, identifying remediation plans, and publishing managementreports of results. This position may also participate in incident response investigations, helpidentify opportunities for product improvement, maintain policies and procedures that aredesigned to be operationally effective and efficient, and monitor compliance to policies, laws andregulations. The security specialist works with the DoD client to select and deploy technicalcontrols to meet specific security requirements and defines processes and standards to ensurethat security configurations are maintained.Conduct evaluations of technical and non-technical security safeguards to demonstrate anddocument compliance with the DoD's Risk Management Framework (RMF) requirements forsecurity and interoperability.Perform information security risk assessments as part of the project lifecycle to ensure that newmedical device technology conforms to security standards against internal and external threats.Perform Independent verification and validation (IVandV) testing, to include documentation of Planof Action and Milestone (POAM) data within the DoD system.Perform risk assessments of information and technology systems by conducting accurate andthorough assessments of the potential risks and vulnerabilities to the confidentiality, integrity,and availability of information and technology systems.Work with security leadership and stakeholders to identify remediation strategies and plans toenforce security requirements and address risks identified in the risk assessment process.Along with the Security Architect, advise during application development or acquisition projectsto ensure that security controls are implemented as planned.Work with other security department members and stakeholders in scoping, planning andconducting third-party penetration testing, code reviews, or security assessments during theinformation security process.Perform risk assessments of third-party technology systems by conducting accurate andthorough assessments of the potential risks and vulnerabilities to the confidentiality, integrity,and availability of DoD information and technology systems.Produce information security risk assessment reports that identify gaps with DoD SecurityPolicies and Standards and propose remediation plans.Assist in conducting information system activity reviews and participate in Risk ManagementFramework (RMF) testing exercises and activities: Monitor and test application and networkactivity for assurance that systems of controls are in place and effective, and for compliance toDoD policies and federal regulations.
Qualifications
Bachelor's degree in a related discipline or a minimum of four (4) years of experienceMust be a U.S. citizen with a currentPublic Trust Clearance; Desired: Secret ClearanceWorking knowledge internal controls and IT Risk Assessment and Mitigation proceduresTechnical experience in security-related technologies such as encryption, remote access, anti-virus systems, etc.A basic knowledge of the 8 domains of the Common Body of Knowledge for information security:
Security and Risk ManagementAsset SecuritySecurity EngineeringCommunications and Network SecurityIdentity and Access ManagementSecurity Assessment and TestingSecurity OperationsSoftware Development Security
Desired: Experience with medical devices or a working knowledge of security frameworks such as HIPAA, HITRUST, NIST, ISO or other industry standards that are relevant to the DoD medical enterprise
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform the functions. While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand, walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is typically low to moderate.
Notes
This job description in no way states or implies that these are the only duties to be performed by the employee(s) incumbent in this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and r
Fort Detrick, Maryland
RB Consulting, Inc. ("RBCI") is a company that truly believes that workforce diversity is a major contributor to success. Since its inception, RBCI has made a concerted effort to attract and recruit talented individuals from all walks of life.RBCI is a Service-Disabled Veteran-Owned Small Business (SDVOSB) providing information technology (IT) services andsolutions, and professional services to commercial businesses, the Department of Defense (DoD), and other federal agencies.
We provide exceptional management and technology solutions that deliver practical and innovative results to our clients. With experience in project management, software design and development, systems integration, business analysis, testing, logistics operations, and financial management solutions, RBCI specializes in delivering custom applications that leverage commercial off-the-shelf (COTS) products. At RBCI, we pride ourselves in providing our clients with superior solutions and services that result in more than simply meeting mission requirements; we strive to solve their toughest problems while exceeding their expectations in responsiveness and flexibility.
RBCI provides generous benefits to our employees, including health/dental insurance, short-term/long-term disability, and a 401(K)-retirement plan, in addition to a highly competitive salary.
For more information, please visit us at www.rbci.com.
Position Summary
RBCI is seeking Cybersecurity Specialists to support the Integrated Clinical System PMO's mission to develop, manage and perform end to end life cycle logistics on medical equipment to protect and sustain the Warfighter's and their families for the Nation. The Cybersecurity Specialist will work directly with DoD and vendors running tests and evaluations on their medical equipment operating systems that will be sitting on the DoD network validating that the systems meet the DoD Risk Management Framework (RMF) requirements ensure the system is not vulnerable to inside and outside threats. This position is hybrid and supports the Fort Detrick, MD location (Contractor office within 10 miles of Fort Detrick).
(Military Veterans are highly encouraged to apply)
Duties and Responsibilities
This position is responsible for working with RBCI's team supporting our DoD customer toensure the appropriate administrative, physical and technical information security safeguardsare implemented across a portfolio of deployed military medical devices.Under general guidance of the Team Lead and the client, the incumbent will conduct informationsecurity assessments and testing to ensure the proper implementation of security controlsacross the environment. This includes populating defined security/risk assessments, identifyinggaps and compensating controls, identifying remediation plans, and publishing managementreports of results. This position may also participate in incident response investigations, helpidentify opportunities for product improvement, maintain policies and procedures that aredesigned to be operationally effective and efficient, and monitor compliance to policies, laws andregulations. The security specialist works with the DoD client to select and deploy technicalcontrols to meet specific security requirements and defines processes and standards to ensurethat security configurations are maintained.Conduct evaluations of technical and non-technical security safeguards to demonstrate anddocument compliance with the DoD's Risk Management Framework (RMF) requirements forsecurity and interoperability.Perform information security risk assessments as part of the project lifecycle to ensure that newmedical device technology conforms to security standards against internal and external threats.Perform Independent verification and validation (IVandV) testing, to include documentation of Planof Action and Milestone (POAM) data within the DoD system.Perform risk assessments of information and technology systems by conducting accurate andthorough assessments of the potential risks and vulnerabilities to the confidentiality, integrity,and availability of information and technology systems.Work with security leadership and stakeholders to identify remediation strategies and plans toenforce security requirements and address risks identified in the risk assessment process.Along with the Security Architect, advise during application development or acquisition projectsto ensure that security controls are implemented as planned.Work with other security department members and stakeholders in scoping, planning andconducting third-party penetration testing, code reviews, or security assessments during theinformation security process.Perform risk assessments of third-party technology systems by conducting accurate andthorough assessments of the potential risks and vulnerabilities to the confidentiality, integrity,and availability of DoD information and technology systems.Produce information security risk assessment reports that identify gaps with DoD SecurityPolicies and Standards and propose remediation plans.Assist in conducting information system activity reviews and participate in Risk ManagementFramework (RMF) testing exercises and activities: Monitor and test application and networkactivity for assurance that systems of controls are in place and effective, and for compliance toDoD policies and federal regulations.
Qualifications
Bachelor's degree in a related discipline or a minimum of four (4) years of experienceMust be a U.S. citizen with a currentPublic Trust Clearance; Desired: Secret ClearanceWorking knowledge internal controls and IT Risk Assessment and Mitigation proceduresTechnical experience in security-related technologies such as encryption, remote access, anti-virus systems, etc.A basic knowledge of the 8 domains of the Common Body of Knowledge for information security:
Security and Risk ManagementAsset SecuritySecurity EngineeringCommunications and Network SecurityIdentity and Access ManagementSecurity Assessment and TestingSecurity OperationsSoftware Development Security
Desired: Experience with medical devices or a working knowledge of security frameworks such as HIPAA, HITRUST, NIST, ISO or other industry standards that are relevant to the DoD medical enterprise
Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform the functions. While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand, walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is typically low to moderate.
Notes
This job description in no way states or implies that these are the only duties to be performed by the employee(s) incumbent in this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and r