Information Assurance Principal Consultant

3 weeks ago
ID: 2017-2833
# of Openings: 1
Category: Consulting
Work Site - City: Colorado Springs
Department: Consulting Technical Services - FMW
Work Site - State: CO
Security Clearance Level: Public Trust
Maximum Expected Travel: 50%
Type: Regular Full-Time

Job Overview & Responsibilities

The Information Assurance Principal Consultant will provide technical consulting/advisory, implementation, and general maintenance and operational support services to our DoD customer in the Information Assurance and Cyber Security functional areas for cloud-based systems, including IaaS, PaaS, and SaaS. 50% travel if not local to Colorado Springs, CO.

Job responsibilities will include:

  • Assess and support the DoD IA certification and accreditation process through Risk Management Framework (RMF), DoD Cloud Computing SRG, Secure Cloud Computing Architecture (SCCA), DoD Cloud connection, DISA STIG, and CIS Baselines as required, as well as IA requirements, risks, and controls.
  • Lead implementation of INFOSEC controls, CSSP requirements, cyber security strategy, and program protection plan requirements.
  • Participate in architecture meetings and technical working groups to provide recommendations and summary reports of briefings with results of findings.
  • Establish continuous monitoring for compliance with DoD cyber security policy, as appropriate, and review the results of such monitoring.
  • Ensure that inspections, tests (application, network, cloud configurations), and reviews are synchronized and coordinated with affected parties and organizations.
  • Identify and report incidents or vulnerabilities and consult with customer on protective or corrective measures.
  • Analyze the IA program plan, strategy, integrated baselines, and guidance and standards.
  • Ensure that system security engineering is used to design, develop, implement, modify, test, and evaluate the system architecture in compliance with the cyber security component of the DoD RMF & SCCA and to make maximum use of enterprise security investments.
  • Assist in developing and maintaining organizational or system-level cyber security program that includes cyber security architecture, requirements, objectives and policies, cyber security personnel, and cyber security processes and procedures.
  • Act as primary cyber security technical consultant to the Government for the Cloud hosted solution.
  • Develop and maintain process for reporting cybersecurity related events and potential threats and vulnerabilities.
  • Support design and development of secure interface specifications between interconnected systems; design, develop, integrate, and update system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation; develop architectures or system components consistent with technical specifications.
  • Develop plans to safeguard IT system data against accidental or unauthorized modification, destruction, or disclosure to meet emergency data processing needs.
  • Perform other cyber security duties as assigned.

Qualifications

Education and Certifications:

  • U.S. Citizenship is a requirement for this position, as a NACI check will be required.
  • Bachelor's degree in Computer Science, Information Systems, or equivalent technical discipline preferred.
  • Required certifications (one of the following):
    • CISM
    • CISSP
    • CISSP-ISSAP
    • CISSP-ISSEP

Other desired certifications: (ISC)² CCSP, OCSP, AWS Architect Associate / Professional, CEH, SSCP, GSNA

Required Experience and Skills:

  • Experience performing IA functions on cloud-based solutions such as AWS, Salesforce, and others, preferably at IL4 or higher. Expert-level knowledge of FedRAMP and control implementation.
  • Experience with assessment and development of the following cybersecurity documentation:
    • Systems Security Plan
    • Privacy Threat Assessment and Privacy Impact Assessment
    • FIPS 199/Security Categorization and e-Authentication
    • Implementation of FedRAMP Customer Responsibilities
    • Disaster Recovery Plan
    • Incident Response Plan
    • Configuration Management Plan
    • Cloud Security Assessment Plan
    • Plan of Actions and Milestones, including monthly monitoring of CSP vulnerabilities
  • Experience with Security Control Implementation and Tailoring (configuration, vulnerability assessment, monitoring, and reporting) across various systems:
    • ISV: Microsoft, Red Hat, Oracle, and others
    • Java, .NET and similar platforms
    • Database, Applications and Webservers
    • Network Routing, Break/Inspect
    • Encryption/Key Management for user accounts and storage devices
  • Experience with:
    • Establishing and executing Continuous Monitoring using cloud native and open source tools and technologies
    • HBSS, STIG, and CIS Standards.
    • Scripting and Configuration Management (Python, Chef, Puppet)
    • IDS, IPS, Firewall, Packet Capture, SIEM.
    • Kali Linux, Burp Suite
    • Qualys, Nessus, Rapid7
    • Frameworks such as OpenVAS, Recon-ng/Metasploit, w3af

  Candidates must possess the following general skills:

  • Recent IT (more than 12 years) consulting or professional services experience.
  • At least 10 years of IASAE experience and more than 2 years of Cloud experience.
  • Effective verbal and written communication skills.
  • Analytical and problem-solving abilities.
  • Works on unusually complex technical problems and provides solutions which are highly innovative.
  • Determines and pursues courses of action necessary to obtain desired results.
  • Experience working in a team-oriented, collaborative environment.
  • Exceptional attitude and work ethic.
  • Professional image, personality and demeanor.
  • Meticulous organizational and multi-tasking skills.
  • Commitment to excellent customer service.
  • Must work well under pressure, be creative, and motivated.
  • Able to work independently or with a team.
  • Must be eligible for a DoD CAC card, and willing to undergo and pass a background investigation to be able to work on Federal and public sector engagements.

Company Overview

Why work at Mythics?


Because at Mythics, YOU count!  
At Mythics, we have an environment that fosters creative thinking, respects your contributions, and accepts nothing less than excellence in serving our customers.  We demonstrate these core principles daily through our corporate Values of Respect – Empathy – Excellence – Fun (REEF). Our REEF values are the foundation of everything we do.

  • Comprehensive Health, Dental, and Vision plans available for you and your family
  • Premier 401k retirement plan with corporate matching and a 529 college saving plan
  • Tax-advantaged Health Savings Accounts and Flexible Spending Account options
  • Generous PTO bank and paid holidays
  • Fitness/gym membership reimbursement and other wellness activities
  • Tuition reimbursement for continuing education
  • Engaging company events such as quarterly awards, annual kick off parties, and FUN Friday’s (early release once a month)
  • Free gourmet coffee, tea, fresh fruits and healthy snacking alternatives
  • Community Service activities and charitable giving programs
  • Our GREEN approach – tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices

Founded in 2000, Mythics is an award-winning Oracle systems integrator, consulting firm, managed services provider and elite Oracle platinum resale partner. Our business model is all about deep knowledge of Oracle technologies and business processes. We offer procurement and Oracle systems integration expertise across the full range of Oracle cloud, software, support, hardware, engineered systems, and appliances. It’s a focus that gives us the critical business experience and the Oracle technology advantage you need to succeed.

Mythics, Inc. is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, physical or mental disability, sexual orientation, gender identity, age, marital status, medical condition, veteran status, or any other factor determined to be unlawful by federal, state, or local statutes. Mythics, Inc. will treat all employees equally with respect to compensation; opportunities for advancement, including upgrading, promotion and transfer, and all other terms and conditions of employment. This company is a VEVRAA Federal Contractor, and has designed and agreed to implement an Affirmative Action Program in accordance with Executive Order 11246 and VEVRAA Final Rule.  Mythics, Inc. is able to provide alternative methods of application for those who are unable to complete an online form.  Please contact accommodationrequests@mythics.com to arrange reasonable accommodations. To read more about your rights, please visit the Department of Labor Disability Rights Fact Sheet here. For more information about Federal laws prohibiting job discrimination, please view the “EEO is the Law” Poster here.
