Cybersecurity Process Engineer

The Cybersecurity Process Engineer – Senior provides cybersecurity expertise and Service Management process guidance to support the Defense Information System Agency (DISA) technology infrastructure. Assesses system risks and facilitate remediation of security vulnerabilities. Using ITSM process experience, report on findings

and provide recommendations for corrective actions. Interface with governance teams in organization. Perform vulnerability assessments as assigned, utilizing IT security tools and methodologies.

Responsibilities

Collaborate with internal and external SMEs and senior-level Government customers to determine the best courses of action in preparation for IT audits, risk assessments, and regulatory requirements.

Conduct cybersecurity research and analysis to support DISA's Configuration Control Board. Coordinate with government counterparts to support expert provisioning Remedy ITSM ticket management and customer support.

Execute Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS) scans to determine infrastructure vulnerability state and develop highly customizable reports for briefings to DISA's leaders

Configure, update, and manage Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS) in support of DES Operations

Coordinate with engineers to troubleshoot cyber issues to identify the problem root causes and provide solutions.

Conduct technical analysis and present findings on proposed DES changes; clearly articulate the rationale in favor of or recommendation for rejection against proposed changes

Analyze, Uses Government-provided IT Service Management (ITSM) tool to track key performance indicators such as assignment, completion, and timeliness

Recording and validating resolution with incident/problem owners IAW with the DES Incident Management SOP and the DES Security Management SOP is required prior to closing out trouble tickets.

Develop, edit, and update Security SOPs and TTPs for Operations

Responsible for reviewing regulatory security policies, as well as best practices, and develop the technical solution required to implement those requirements on servers, routers, firewalls, and other LAN/WAN

equipment

Strong experience with implementing configuration baselines and DISA STIGs Strong experience with vulnerability mitigation and patching

Reporting security incident status and progress to senor Government stakeholders Have flexible working hours to be available to support team when needed

Knowledge And Skills

Excellent verbal and written communication skills

Ability to organize and facilitate planning and demonstrations

Ability to track, manage, and ensure project tasks are completed in a timely manner

Technical Knowledge

ServiceNow/Remedy ITSM

SolarWinds Network Configuration Monitor (NCM) System Center Configuration Manager (SCCM) Palo Alto Firewalls

ACAS HBSS

Education And Experience

Bachelor’s Degree

6+ years of experience

Network Or Other Certifications Needed Or Specialty Experience

ITIL v3 Foundation or advanced ITIL certifications such ITIL Intermediate Certifications in Service Lifecycle and/or Service Capability, & ITIL Practitioner are preferred

3 Yrs ServiceNow/Remedy ITSM Experience Preferred

IAT Level II Security+CE (or appropriate DoDM 8570 Baseline Certification)

Clearance/Citizenship

Secret

Must be US Citizen

Location:   Fort Meade, MD