The candidate must be familiar with network vulnerability scanners (e.g. Retina, ACAS, Nessus). The candidate
must be familiar with patch management software (e.g. WSUS, SCCM, SMS, Hercules, etc.). Event Logging and
analysis for a Defensive Cyber Infrastructure, Accreditation Cyber Forensic analytics capabilities.
Provide subject matter expertise in the provision of information assurance (IA) support for certification and
accreditation (C&A), DIACAP or RMF accreditation package and artifact generation, requirements analysis, security
test and evaluation (ST&E) plans and execution, risk assessments, systems analysis and hardening, incident
response and policy analysis, trusted product evaluations, IA program assessments, and security posture
presentations. Provide analytical support for the development and submission of C&A documentation in
compliance with the DIACAP or RMF requirements. Apply knowledge of technology, analyze the security
implications of systems and applications security, and provide recommendations to decision-makers and
engineers. Provide experience-based advice and assistance to facilitate C&A efforts.
Design, develop, and recommend integrated security system solutions that will ensure proprietary and confidential
data and systems are protected. Provide technical engineering services for the support of integrated security
systems and solutions. Interface with the client in the strategic design process to translate security and business
requirements into technical designs. Configure and validate secure complex systems and test security products and
systems to detect security weakness. Provide work leadership to more junior employees. This position is located in
Aberdeen Proving Ground, MD.
-Associates Degree and 9 years experience; or Bachelors degree and 7 years experience; or Masters Degree and 5 years of experience; or combination of 11 years which may include education/specialized training/certifications and/or experience.
-Experience with cyber remediation of network systems, to include user equipment (laptops, desktops, and
tablets) and network devices (Servers)
-Analyze and/or administer security controls for information systems in lab and field environments
-Ensure designs meet applicable security technical implementation guides (STIGs)
-Conduct engineering vulnerability assessment of systems utilizing DoD approved IA tools (ACAS) and DISA STIGs
-Identify technical applicability, remediate, support mitigation of IAVA notices and support metric reporting
-Research, interpret, and provide technical policy guidance pertinent to information and system security
-Exercise creative thinking and ideation to advance our business performance
-Deliver innovative, flexible, integrated solutions to meet customers changing business needs
-Support and engage in programs, projects and practices and strategy, and comply with all policies and procedures
-Follow industry and department trends and developments to ensure services are consistent with, and/or superior
to, industry best practices
-Experience with reviewing government guidance, including task orders, directives, STIGS, or IAVAs for applicability
- Secret with SSBI clearance required
- 11 years of combined experience
- DoD Approved Level III certification REQUIRED
-Operating System Certification (Windows10, Server 2012 or Linux)
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for
access to classified information; Secret with eligibility for a Top Secret is required.
Mandatory Requirement: Candidate must be a US Citizen in order to obtain and maintain an interim and final
- Top Secret clearance preferred
- Bachelors or Masters degree in a technical area (Computer Science, Information Assurance, Cyber Security…)
- Certified Information Systems Security Professional (CISSP) certification preferred
-Experience with developing and maintaining DoD Information Assurance Certification and Accreditation Process
(DIACAP) or Risk Management Framework (RMF) packages
-Experience with vulnerability assessments using various scanning tools
-Experience with performing, interpreting, and reporting vulnerability assessments
-Experience with developing and presenting, orally and in writing, technical information to non-technical audiences
-Knowledge of computer networking and network-based information assurance devices
Technical and Management Resources, Inc. is an Equal Opportunity Employer and does not discriminate with regard to race, color, religion, sex, age, national origin, disability, or Vietnam veteran status. This policy affirms TMR’s commitment to the principles of fair employment and the elimination of discriminatory practices. We encourage all employees to take advantage of opportunities for promotion as they occur.