Welcome page Returning Candidate? Log back in! Cybersecurity Specialist Job Locations US-VA-Norfolk | US-VA-Norfolk ID 2024-19086 Category Cyber Security Security Clearance Requirement NATO Secret (NS) Type Regular Full-Time Level Mid-level Overview

Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.  

 

The Joint, Office of the Secretary of Defense, Interagency Division (JOID) provides expert support services to a range of customers spanning across the Department of Defense, Federal, Civilian, and International markets. JOID provides a diverse portfolio of analytical and programmatic capabilities to help our customers make informed decisions on their most challenging issues.

 

SPA's NATO Allied Command Transformation (ACT) Group within JOID provides capability development, portfolio management, program management, quality management, cost estimation analysis, standardization, reporting, software solutions and information management, and capability management support. We also provide an improved capability requirements capture process, including the generation, documentation and tracing of user requirements, with appropriate technical scrutiny, over the entire lifecycle of the requirements from capability definition through capability realization and capability usage.

 

NATO HQ SACT's Innovation Lab (iHub), built on the concept of Open Innovation, provides a catalogue of innovative products and services to its operational customers. The iHub products, also known as Minimum Viable Products (MVPs), are developed following best industry, Agile DevSecOps methods with strong focus on rapid, iterative delivery that meets customers’ requirements.

 

SPA has an immediate need for a Cybersecurity Specialist to support HQ SACT's Innovation Hub onsite in Norfolk, VA.

Responsibilities

The Cybersecurity Specialist will assess and enhance security for the Innovation Hub Laboratory Capability through implementing security-first policies in the Innovation Hub. The successful candidate will collaborate with relevant (NATO) organizations to achieve ACT cloud-based information system (Platform) and software products accreditation, and to obtain NATO specific Approval for Testing. Will create and maintain necessary security documentation for rapid NATO network deployment and provide security accreditation guidance to the Innovation Hub's platform, infrastructure, and MVP teams throughout product life cycles. Will conduct security risk assessment in support of products/services based on cloud computing architectures (public cloud); in particular, identify the level of threats and vulnerabilities for all the assets comprising products/services, derive the residual risks, and provide risk management recommendations.

Qualifications

Required:

Active NATO or National Secret (or higher) security clearanceBachelor's or Master's degree in Information and Communication Technologies (ICT), Computer Science, or related discpline; OR 8 years of experience as a Cybersecurity ProfessionalProven knowledge of software development (Agile/DevSecOps) as, for example, Developer or Solution/Software Architect, and their relevancy to securityExperience working as a Security Professional within the NATO enterprise or at a national level, including knowledge of the NATO/national Security Policies and supporting directivesAble to identify, engineer, implement, and monitor security measures for the protection of computer systems, networks, and information, based on security risk assessment methodologies and toolsKnowledgeable about (self-hosted) cloud native applications, and associated production cyclesKnowledgeable about industry standard security tools (SonarQube, Nessus, etc.) and able to create tailored configurations applicable to specific information systemsProven knowledge with modern software solutions, technologies, and concepts (anti-virus software, intrusion detection, firewall, content filtering, Cloud, Docker, IdAM, Proxy, CI/CD, technology stacks, and other relevant technical concepts) and their relevancy to securityAWS (or similar) Security Specialties certification

 

Desired: 

Knowledge of information security management frameworks ISO/IEC 27001 and/or ISO/IEC 27005 and/or an (active) CISSP certificationExperience with Agile teams and Minimum Viable Products (MVPs)Experience with or knowledgeable about NATO's standards for security Options Apply for this job onlineApplyShareEmail this job to a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed SPA is committed to the principles and practices of equal employment opportunity (EEO) and Affirmative Action. It is, and will continue to be, the policy of the company to afford equal employment opportunities to all qualified individuals. We recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, age, marital status, protected veteran status, disability or genetics or any other characteristic protected by federal, state or local law. Application FAQs

Software Powered by iCIMS
www.icims.com