Location: Atlanta, GA, United States
Category: Cyber
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Remote: Hybrid Remote
Our staff at Elite Paradigm have the opportunity to work on cutting-edge solutions that will affect people’s lives now and in the future. In order to collaborate to create the future and have fun while doing it, we seek out individuals with audacious new ideas, courage, and a pioneering attitude. Our culture is one that values intellectual vigor, cognitive diversity, and bringing your complete self to work. We also have an unquenchable desire to do things that other people might consider to be unachievable.
Push the limits of what is possible to put your abilities to the test. Your knowledge and skills will make it possible, from global defense to mission readiness, sustainment, and modernization. Programs offered by Elite Paradigm are based equally on collaboration and inquiry. Together, we can connect and defend millions of individuals throughout the world for our customers.
Position Overview:
Elite Paradigm is seeking a Cyber Security Manager to join our team to support our public sector clients. The role is a part of the IT infrastructure Operations, Development, Modernization, and Enhancement Team.
Responsibilities of this position will include but not be limited to the following:
- Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics and loss prevention.
- Manages risk and vulnerability assessment at the network, system, and application level. Conducts threat modeling exercises.
- Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.
- Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.
- Prepares security reports to regulatory agencies. Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems.
- This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
- Ensure client is in compliance with required government policies and processes (i.e., NIST, FISMA), and makes recommendations on process tailoring.
- Manage the audit finding using the National Institute of Standards and Technology (NIST) security controls developed under the Federal Information Security Management Act (FISMA).
- Review and validate the evidence in support of responses to security-related audits. Provide support for third-party audits performed by the OIG (annual financial statement and FISMA audits, penetration tests, other external regulatory agencies, and internal oversight elements).
- Performs analyses to validate established security requirements and to recommends additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
- Periodically conducts of a review of each system’s audits and monitors corrective actions until all actions are closed.
- Manages subordinate management and/or experienced specialist employees who exercise significant latitude and independence.
Qualifications:
Education and Experience: Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.
Required Skills:
- 10+ years of experience in Information Technology field
- 8+ years of experience with Transmission Control Protocol (TCP)/IP or Windows or Unix/Linux operating systems or network devices such as firewalls, gateways, proxies and similar IT devices.
- 5+ years of specific experience in cyber security and managing security operations center (SOC) personnel in an environment similar to PBGC size and scope.
- 3+ years of experience utilizing IT Security tools such as BigFix SCA, Splunk, Sourcefire, Symantec Antivirus, Tenable Nessus & Security Center in automating continuous monitoring tasks.
- 3+ years of demonstrated experience in developing POAMs, gap analysis, vulnerabilities, and responding to audit findings, including the use of assessment and authorization management tool such as CSAM, RSA Archer, Exacta, or eMASS.
- Minimum 3 years specific experience in developing and documenting processes compliance with NIST 800-37, 800-53 Rev 3 and 4 security controls and NIST guidance in general including extensive knowledge of obtaining ATOs and developing system security plans.
- Excellent in oral and written communication skill.
Interested candidates email your CV/resume to opportunities@eliteparadigmllc.com