Continuing Monitoring Program Specialist - Level 2

Why Work at SI?

Secure Innovations (SI) successfully and continuously strives to become experts in the Cybersecurity field by only focusing on Cyber! Because of this, we proudly stand behind our motto, "We're Not Standard Cyber. We're the Cyber Standard."

SI was built on the principle that people matter first and foremost. SI believes in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch security professionals.

Secure Innovations was recently awarded as a PRIME on this mission-focused cyber program!

Secure Innovations is looking for a talented Continuous Monitoring Program Specialist - Level 2 to join our team in Annapolis Junction, MD. In this role you will monitor information system networks to validate configuration status, using information readily available through automated support tools and implemented security controls, to support organizational risk management decisions. Maintains situational awareness, provides risk impact, and makes recommendations to CSSP Watch decision-makers and system owners regarding compliance, cybersecurity posture, enclave and network accesses, hygiene, vulnerability, and unmitigated risks. Consults with configuration managers to compare real-time information system metrics and values with established baselines and controls. Records and reports assessments of scheduled and unscheduled outages and tracks status of information system lifecycle milestones (installation; connectivity; online/offline; removal).

The Level 2 Continuous Monitoring Program Specialist shall possess the following capabilities:

1. Validate on-line endpoint devices compliance with security configuration standards using automated tools and software applications.
2. Verify asset/device identity using network mapping and system anomaly detection tools.
3. Track routine system behavior, hygiene, and maintenance to discern abnormalities which can indicate an event requiring further investigation.
4. Maintain a real-time, automated, network inventory to support compliance decisions and cybersecurity (information security) posture verification.
5. Provide hygiene status of IT assets (software and/or hardware).
6. Confer with operators, system administrators, ISSEs, ISSOs, and system owners to confirm or refute false positives.
7. Provide analysis and graphical presentations of collected metrics for compliance status reporting.
8. Identify process improvements to current Continuous Monitoring policies and procedures.

Qualifications:

An Active Clearance w/ FS Poly is REQUIRED

1. Two (2) years of demonstrated experience in any of the following: network analysis, threat analysis software utilization, and/or systems security management.
2. Requires DoD 8570 compliance with CSSP Auditor baseline certification, Information Assurance Technical (IAT) Level II or Level III certification, and Computing Environment (CE) certification. The CE certification requirements can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE certifications.
3. Requires successful completion of the Splunk software training course "Fundamentals 1".