Job Description: Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol national network. A Remediation Management Specialist is needed to support the customer team. The ideal candidate for this job will be an experienced security practitioner who is goal-oriented and strives to exceed expectations.
The Cyber Security Vulnerability Engineer accurately assess the vulnerabilities associated with customer information systems, coordinate with system owners to remediate vulnerabilities, and report progress of the remediation efforts to customer management.
This position can be either a G08 or a G09, depending on qualifications of the candidateResponsibilities will include:
- Serve as SME to explain vulnerabilities and risk to management and technical resources.
- Serve as SME to assist in vulnerability remediation and providing written recommendations on how to mitigate risks. Ensuring recommendations are in compliance with customer regulations, guidance, and management directives.
- Investigate identified vulnerability risks and assist to prioritize vulnerability remediation actions.
- Assist in compliance efforts (SOX, PCI, FISMA)
- Complete assigned projects or assignments independently.
- Communicate goals, build consensus across teams and negotiate remediation efforts and timelines. Assisting with research, documentation, revision, development, evaluation, and implementation of security plans.
- Providing support to the team lead who works directly with Staff/Program Managers from Corporate Information Security Office (CISO).
- Researching, developing, implementing and assessing the effectiveness of security policies, procedures, and controls to support customer operations.
- Assisting with the development of stakeholder communications, e.g., reports, security presentations, executive-level briefings, etc.
- Collaborating with stakeholders to ensure security issues are addressed correctly.
- Maintaining relationships among CISO Leadership, Policy and Risk Management, Inspection Service and Postal Service unit managers, security control officers, area security coordinators, and other key deliverable stakeholders.
- Providing security guidance to internal and external customers.
- Serving as a liaison between the USPS organizations.
- Developing measures of effectiveness and measures of performance for the remediation of vulnerabilities
- The position requires U.S. Person status or a Non-U.S. Person be eligible to obtain Authorization.
- 4+ years related experience in security operations and/or vulnerability management and a Bachelor's Degree for G08
- 6+ years related experience in security operations and/or vulnerability management and a Bachelor's Degree for G09
- Must be a self-starter capable of multitasking and efficiently managing your time in a dynamic environment while requiring minimal levels of supervision
- Ability to effectively prioritize and execute tasks in a high pressure environment
- Understanding of security standards and concepts and their practical implications on risk. Knowledge of security concepts, principles, procedures, methods, and practices to include intrusion prevention and detection, risk assessment tools, closed circuit television, and access control.
- Understanding of vulnerability scanning and penetration testing and their results.
- Ability to communicate risks and provide guidance for vulnerability remediation
- Understanding of common regulatory or standards-based control frameworks such as: PCI-DSS, ISO 27001/2, NIST 800-53, etc.
- Knowledge of OWASP, SANS Top 20 Critical Security Controls and NIST Vulnerability Database (CVE & CCE)
- Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, DNS, etc.
- Knowledge of Windows and Unix Operating Systems
- Solid understanding of information, host and network security, common intrusion techniques, and risk management concepts
- Ability to work within a multi-disciplined team.
- Proficiency with MS Office Applications.
- Candidate should also demonstrate attention to detail, have the ability to work independently with minimal supervision and adapt to changes in priorities in a fast-paced environment.
- Excellent verbal and written communication skills.
- Excellent interpersonal skill to enable building working relationships.
- Ability to work in a team environment and work collaboratively across
- Excellent electronic research skills using search tools, databases, and similar sources to support various customer programs and projects.
- SPECIAL CONDITION: Ability to travel to Eagan, MN and other USPS locations
Required Education (including Major): Bachelor’s Degree in a related field. Two years of related work experience may be substituted for each year of degree level education.
- Experience supporting U.S. Government agencies.
- Ability to assist others in solving problems and work with them to implement the solution.
- Ability to use interpersonal skills, along with knowledge of the Agency structure and organization, to identify the proper resources to apply to current problems.
- Required Education (including Major): Bachelor’s Degree in related field. Two years of relevant work experience may be substituted for each year of degree level education.
- Prefer IA Manager (IAM) Level II, as prescribed by DOD 8570.1-M, Information Assurance Improvement Program as demonstrated by having one of the following Certifications:
- CISSP (or Associate)
- 2 years of demonstrated experience related to Authorization and Assessment/Certification and Accreditation processes and documentation including Risk Management Framework (RMF) guidelines, directives and security mandates.
- 3 years of demonstrated experience related to vulnerability notification/identification processes for IAVA, TCNOs, STIGs, etc.
CISSP, CISA, CISM
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Cyber, Security, All, Warfighter Support Services
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated approximately $6 billion in 2016 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
JBRaytheon ICJBMeta // SKCYB85