Sentrillion
  • Falls Church, VA, USA
  • Salary
  • Full-Time

Full benefits package available


Sentrillion is currently looking for Cyber Security Professionals with agile methodology, SAP and/or Maximo experience to join our team in supporting Customs and Border Protection (CBP) client located in Northern Virginia!

Are you a talented cyber security professional who wants to be part of a fast-growing, family-oriented company that makes a difference for your country and offers career growth opportunities nationwide? Do you thrive in a fast-paced and exciting work environment ? Would you like to have your hard work recognized and rewarded ? If so, please read on!

The Cyber Security Specialist with both strong cyber security and network security delivery skills will need to have a deep technical understanding of cyber security practices, delivering secure and reliable hardware and software solutions in short sprints.  This professional will work in close collaboration with software developers/engineers, quality assurance engineers, stakeholders, and end users within Agile Engineering processes. They must have a working knowledge of enterprise class information assurance requirements and network security and survivability.

A Day in the Life of a Cyber Security Professional:

Serve as a Cyber Security Team member responsible for the Information Assurance and Security of application, database, and enterprise network services. Responsible for activities associated with delivery of Cyber Security policy implementation and network solutions associated with customer-defined systems and software projects; basic responsibilities include:

  • Implement Cyber Security Program strategy
  • Apply information security in accordance with National/DHS/CBP directives security policy including, but not limited to,  , NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171,  DHS 4300A,  CBP Handbook 1400-05D
  • Assess entire system lifecycle requirements and network security impacts
  • Support creation of, and ensure approval for, Department of Homeland Security (DHS) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects
  • Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures
  • Document DHS RMF Security Implementation Plan artifacts.  Coordinate and assist development team with application artifact documentation
  • Assist government personnel in preparing and presenting Information Assurance Compliance System (IACS) packages to the Control Assessor (SCA) Assess and analyze the current threat environment
  • Enhance Implement Cyber Security vulnerability/A&A hardening testing
  • Optimize Cyber Security development environment certification
  • Architect & Engineer security develop security goals, capabilities, controls, and architecture
  • Design & Implement security vulnerability management, build security into development
  • Integrate & Test Security test patches and settings, document A&A artifacts
  • Validate & Verify security validate patch status and software control status
  • Implement security apply patches and security settings, performance incident handling and remediation
  • Maintain security posture audit security settings, track security training, monitor threats, track reaccreditation
  • Enable assurance for information security during all phases of agile software development and deployment
  • Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth
  • Identify, assess, and recommend zero-day cyber threat remediation
  • Address Cyber Security issues to help maintain Continuity of Operations Plans (COOP)
  • Perform information security vulnerability testing and mitigate any nonconformance
  • Supports reviews and audits of continuous system monitoring and contingency planning. Updates associated documentation as needed
  • Create and manage Plan of Action & Milestones (POA&M)
  • Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects
  • Understand and assist developers with static code analysis processes
  • Report and help investigate security-related incidents and security violations as requested by the Computer Security Incident Response Center (CSIRC)
  • Monitor and inspect for approved software usage and implementation of approved antivirus and other security related software
  • Develop and maintain security training programs are developed and maintained

 

Qualifications/Experience:

  • Must be a U.S. Citizen with the ability to pass CBP background investigation, criteria will include:
    • 7-year check for felony convictions
    • 7-year check for illegal drug use
    • 7-year check for misconduct such as theft or fraud
  • College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline is preferred.  4 years of experience accepted in lieu of degree.
  • Certifications: minimum Security+ CE or equivalent, CISSP or CASP preferred
  • Demonstrated knowledge DHS 4300A, "Sensitive Systems Handbook", and CBP Handbook 1400-05D, "Information Systems Security Policies and Procedures Handbook"
  • Demonstrated knowledge of NIST Information Technology Security Special Publications (SP) 800 series, with emphasis on NIST SP 800-37, "Guide for Applying the Risk Management Framework to Federal Information Systems" and NIST SP 800-53A, "Guide for Assessing the Security Controls in Federal Information Systems"
  • Professional Experience: Five (5+) years related technical experience

Knowledge Preferred:

  • Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement
  • Working knowledge of Federal Information Security Management Act (FISMA) reporting requirements and processes
  • Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas
  • Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness
  • Experience with continuous integration tools and environments
  • Experience with scripting languages like Perl, VBScript, Ruby, etc.
  • Experience with Computer Network Defense (CND) processes, procedures, and tools
  • Acting independently to expose and resolve problems
  • Demonstrated experience with HP Fortify Software Security Center
  • Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner
  • Demonstrated experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage
  • Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, WebGateways, and/or enterprise Antivirus software technologies
  • Demonstrated experience using IACS
  • Demonstrated ability to identify and manage risk
  • Understanding all elements of the DHS and CBP Cybersecurity policies and requirement
  • Excellent written and verbal communication skills
  • Strong collaboration skills and desire to work within a team
  • Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter

 

About Sentrillion

For nearly a quarter of a century, we have been helping secure America's borders and safeguard national assets through integrated technology solutions. We develop strategies and implement solutions that increase safety and security, save time, decrease cost, and improve outcomes. We are also committed to being a good corporate citizen and helping improve the communities in which we live and work by partnering with community organizations and volunteering . A right-sized organization, we are big enough to protect the perimeter of the country, yet small enough to rapidly respond to customer needs.

We work hard to attract and retain employees who are committed to the important work that we do for our customers and the nation. Many have been with us for more than a decade! To do this, we offer a full benefits package , training programs , and opportunities for advancement . And, we maintain a collaborative corporate culture that values people, is honest and open , promotes teamwork , and encourages a healthy work-life balance.

 

Sentrillion is an EEO Employer/ Protected Veteran / Disabled

Sentrillion
  • Apply Now

    with our quick 3 minute Application!

  • * Fields Are Required

    What is your full name?

    How can we contact you?

  • Share This Page
  • Facebook Twitter LinkedIn Email
.
contact fb twitter linkedin about solution offerings markets served logo contract vehicles strategic partners careers