Description Specialist should be capable of providing security control assessments in accordance with NIST Risk Management Framework and the Committee on National Security Systems (CNSS)'s guidance and standards. Able to validate those assessments and analysis of DHS NSS and other designated systems, appliances, or applications. Evaluate cyber risk indicators, including those risks stemming from cyber threats and protections that are in place to mitigate those threats. (e.g., Common Vulnerabilities and Exposures (CVE), Computer Emergency Readiness Team (CERT), Information Assurance Vulnerability Alert (IAVM), etc.). Duties/Responsibilities: * Draft and finalize DHS National Security System and Sensitive System Policy proposals and updates.
* Draft DHS NSS Assessment, Compliance, and Policy Support Standard Operating Procedures and Playbooks * Draft DHS RMF Processes and Procedures * Provide Analysis Report from Cybersecurity Threats and Vulnerabilities Research (both OSINT and other sources) * Assist with the development and maintenance of formal documented NSS Assessment and Compliance SOPs. SOPs shall provide the operational basis for the DHS NSCD Compliance CONOPS. * Continuously tune and update Government provided cyber risk recommendations to specifically designated systems through continuous monitoring through established CONMON processes of select NSCD-defined controls, Plans of Action and Milestones (POAM) monitoring and mitigations, and common cyber threats to DHS assets. * Provide recommendations and produce consistent comprehensive reports. Activities include: * Implementation, training, and SOP development and maintenance of implemented solutions * In-depth analysis to determine trends and patterns of cyber threat information. * Reporting results of all analyses to the Government Leads and DHS NSCD Director * Document lessons learned after security control assessments and customer on- site assistance visits (COAV). * Attend regular and ad-hoc NSS related meetings, to include ERB (Engineering Review Board),C-ICCB (Classified Infrastructure Change Control Board), HSDN Safeguarding and Information Assurance (IA) Governance Board, CIACS (Classified Information Assurance Compliance System) status meetings. * Participate in NSCD Site Compliance * Fulfill/complete/meet/act in accordance with DHS NSCD guidance. * Adhere to all CONOPS, DHS NSCD procedures and guidance (CNSS, NIST and DHS 4300B Security Policy) when performing NSS compliance activities/reporting. * Manage the reporting cyber security compliance events that affect DHS NSS. * Document all compliance activities, to include any incoming DHS Chief Information Security Officer (CISO) and DHS Information and Analysis (I&A) requests for information. * Maintain an up-to-date list of Department, Component, and relevant cyber-IA POCs in designated website. * Utilize DHS NSCD-authorized compliance tracking system(s) tool to track approvals, compliance activities, and reporting. * Compliance reports shall be in business language and effectively communicate the effect on the mission, what assets were evaluated, what was the resultant cyber risk recommendation, and the plan to mitigate any resultant cyber risk issues. * Conduct research on cyber threats, assess the protections in place to mitigate cyber threats, determine and document risks associated to the associated DHS NSS asset in the corresponding Risk Assessment Report. * Keep the DHS CISO and other key stakeholders informed of matters concerning the DHS NSS security posture. * Serve as an advisor to DHS NSCD Government personnel who represent DHS to external Government Agencies and National Security forums and discussions, as they relate to DHS NSS compliance activities. * Conduct weekly/monthly POAM monitoring and review to ensure mitigation due dates do not expire, and work with the system owners, ISSOs and other system security representatives to ensure POAM timely closures. To be determined at the order level. * Provide analysis and feedback on DHS security artifacts when assigned to * NSCD, to include but not limited to Memorandum of Understandings (MOU), Memorandum of Agreements (MOA), and Interconnection Security Agreements (ISA). * Support the development and update of DHS NSCD Information Safeguarding and Risk Management Council (ISRMC) processes and procedures. * Propose security policy enhancements, through gap analysis, in coverage and/or new capabilities that would further promote the Department's national security posture. * Support the formulation of DHS NSCD Standard Operating Procedures and playbooks for security practices that involve NSCD initiatives. * Perform DHS National Security Exception (NSE) review and analysis in support of Section 508 compliance. Additional Support: * Prepare documents such as charters, agendas, presentations, and memorandum. * Maintain distribution groups, points of contact lists, and group membership listings. * Publish messages and notifications to the DHS community. * Coordinate with the CISOD Business Offices to route and track communications with * executives and HQ components. * Create and maintain forms, document templates and a register for CISOD forms and templates which support cybersecurity activities throughout the department. * Prepare, track, and provide status reports on data calls. * Develop, maintain, and update Standard Operating Procedures (SOPs), handbooks, ConOps and instructions for all internal processes. * Keep up to date internal SOP/documentations of all processes at a location specified by the Federal Lead (SharePoint, Shared Folder, Knowledgebase, etc.). * Generate meetings minutes as requested. * Follow and leverage the internal DHS processes to perform their duties. * Create and deploy custom reports and dashboards, working with the government points of contact, to provide specific content to the government on a need by basis and as otherwise specified by the Federal Leads on a set frequency. * Provide weekly and ad hoc reports summarizing the adherence to agreed-upon schedules. The report shall include detailed summaries of:
* length and number of delays * recommendations for get-well plans * Additionally, reports shall summarize work completed and milestones met to include metrics. * Generate trending and ad-hoc reports as requested. Reporting includes extracting data from the CISOD databases, designing, developing, and implementing automated reports. Data being reported may represent subsets of the overall Performance reporting or new/unique data sets based on entire compliance data stored within the supporting tools. * Engage and support in planning and coordinating the various Working Group Meetings * Provide guidance and recommendations to Federal SMEs on processes and projects. * Provide customer service support to DHS Enterprise by responding and resolving DHS Helpdesk tickets. * Support modernization of all Cybersecurity processes and methodologies to be employed across the Enterprise and MGMT * Collaborate/coordinate successfully with other contract vendors/Government personnel. * Respond to component questions via helpdesk tickets, Microsoft Teams messages, emails, and phone calls. * Provide recommendations and feedback on the DHS policies. * Provide, develop, maintain, update, store, and distribute weekly/monthly/quarterly/ad-hoc reports, meeting minutes, user feedback as requested by the Federal Lead. * Propose process improvements accordingly to Federal Lead. * Support Cybersecurity process innovation and automation to support the new Cybersecurity processes and methodologies that will be developed in automated tools. * Develop, update, maintain and provide training materials and resources to provide guidance to DHS Enterprise and MGMT on subject areas. * Develop, maintain, update, store, and distribute Standard Operating Procedures for all routine activities to ensure standardization of activities and enable the transition of activities across members of the team. * Develop metrics and recommend improvements for tracking progress on cybersecurity subject areas and programs. * Develop and maintain weekly Executive reports and PMR reports. * Attend Working Groups, meetings and discussions and provide feedback and ideas for improvements. * Develop unique Cybersecurity training materials and resources to provide guidance regarding process, documentation and understanding of responsibilities. This can be provided in-person, online or on a training platform like the Performance and Learning Management System (PALMS) or the Federal Virtual Training Environment (FedVTE). * Develop trainings for users across HQ components based on the new changes recommended by DHS Management for this FY. * Develop and maintain Key Performance Indicators (KPI) and metrics to evaluate the performance and identify key areas of improvements in the subject areas or programs. Recommend changes to improve the quality and reduce the level of effort and elapsed time required for approved metrics weekly to the Federal Lead. * Develop metric reports to evaluate Cybersecurity Risk management and * Scorecard progress on weekly/monthly basis. * Collaborate with other teams to ensure that Cybersecurity processes are effectively maintained and tracked. * Work with DHS Enterprise to identify, develop, and implement Cybersecurity programs best practices, and general guidance for use across the federal government. * Support current and future enhancements and transition of DHS CISOD tools and requirements. Requirements Experience/Years of Relevant Experience: * Required Experience: 4+ years. Education/Certificates: * Bachelor's degree in computer science or related field.
* Certification: CISSP, CAP or Security +Clearance: * Top Secret SCILocation: Hybrid, SCIF, TSA Headquarters 6595 Springfield Center Dr. Springfield, VA 22150
* Draft DHS NSS Assessment, Compliance, and Policy Support Standard Operating Procedures and Playbooks * Draft DHS RMF Processes and Procedures * Provide Analysis Report from Cybersecurity Threats and Vulnerabilities Research (both OSINT and other sources) * Assist with the development and maintenance of formal documented NSS Assessment and Compliance SOPs. SOPs shall provide the operational basis for the DHS NSCD Compliance CONOPS. * Continuously tune and update Government provided cyber risk recommendations to specifically designated systems through continuous monitoring through established CONMON processes of select NSCD-defined controls, Plans of Action and Milestones (POAM) monitoring and mitigations, and common cyber threats to DHS assets. * Provide recommendations and produce consistent comprehensive reports. Activities include: * Implementation, training, and SOP development and maintenance of implemented solutions * In-depth analysis to determine trends and patterns of cyber threat information. * Reporting results of all analyses to the Government Leads and DHS NSCD Director * Document lessons learned after security control assessments and customer on- site assistance visits (COAV). * Attend regular and ad-hoc NSS related meetings, to include ERB (Engineering Review Board),C-ICCB (Classified Infrastructure Change Control Board), HSDN Safeguarding and Information Assurance (IA) Governance Board, CIACS (Classified Information Assurance Compliance System) status meetings. * Participate in NSCD Site Compliance * Fulfill/complete/meet/act in accordance with DHS NSCD guidance. * Adhere to all CONOPS, DHS NSCD procedures and guidance (CNSS, NIST and DHS 4300B Security Policy) when performing NSS compliance activities/reporting. * Manage the reporting cyber security compliance events that affect DHS NSS. * Document all compliance activities, to include any incoming DHS Chief Information Security Officer (CISO) and DHS Information and Analysis (I&A) requests for information. * Maintain an up-to-date list of Department, Component, and relevant cyber-IA POCs in designated website. * Utilize DHS NSCD-authorized compliance tracking system(s) tool to track approvals, compliance activities, and reporting. * Compliance reports shall be in business language and effectively communicate the effect on the mission, what assets were evaluated, what was the resultant cyber risk recommendation, and the plan to mitigate any resultant cyber risk issues. * Conduct research on cyber threats, assess the protections in place to mitigate cyber threats, determine and document risks associated to the associated DHS NSS asset in the corresponding Risk Assessment Report. * Keep the DHS CISO and other key stakeholders informed of matters concerning the DHS NSS security posture. * Serve as an advisor to DHS NSCD Government personnel who represent DHS to external Government Agencies and National Security forums and discussions, as they relate to DHS NSS compliance activities. * Conduct weekly/monthly POAM monitoring and review to ensure mitigation due dates do not expire, and work with the system owners, ISSOs and other system security representatives to ensure POAM timely closures. To be determined at the order level. * Provide analysis and feedback on DHS security artifacts when assigned to * NSCD, to include but not limited to Memorandum of Understandings (MOU), Memorandum of Agreements (MOA), and Interconnection Security Agreements (ISA). * Support the development and update of DHS NSCD Information Safeguarding and Risk Management Council (ISRMC) processes and procedures. * Propose security policy enhancements, through gap analysis, in coverage and/or new capabilities that would further promote the Department's national security posture. * Support the formulation of DHS NSCD Standard Operating Procedures and playbooks for security practices that involve NSCD initiatives. * Perform DHS National Security Exception (NSE) review and analysis in support of Section 508 compliance. Additional Support: * Prepare documents such as charters, agendas, presentations, and memorandum. * Maintain distribution groups, points of contact lists, and group membership listings. * Publish messages and notifications to the DHS community. * Coordinate with the CISOD Business Offices to route and track communications with * executives and HQ components. * Create and maintain forms, document templates and a register for CISOD forms and templates which support cybersecurity activities throughout the department. * Prepare, track, and provide status reports on data calls. * Develop, maintain, and update Standard Operating Procedures (SOPs), handbooks, ConOps and instructions for all internal processes. * Keep up to date internal SOP/documentations of all processes at a location specified by the Federal Lead (SharePoint, Shared Folder, Knowledgebase, etc.). * Generate meetings minutes as requested. * Follow and leverage the internal DHS processes to perform their duties. * Create and deploy custom reports and dashboards, working with the government points of contact, to provide specific content to the government on a need by basis and as otherwise specified by the Federal Leads on a set frequency. * Provide weekly and ad hoc reports summarizing the adherence to agreed-upon schedules. The report shall include detailed summaries of:
* length and number of delays * recommendations for get-well plans * Additionally, reports shall summarize work completed and milestones met to include metrics. * Generate trending and ad-hoc reports as requested. Reporting includes extracting data from the CISOD databases, designing, developing, and implementing automated reports. Data being reported may represent subsets of the overall Performance reporting or new/unique data sets based on entire compliance data stored within the supporting tools. * Engage and support in planning and coordinating the various Working Group Meetings * Provide guidance and recommendations to Federal SMEs on processes and projects. * Provide customer service support to DHS Enterprise by responding and resolving DHS Helpdesk tickets. * Support modernization of all Cybersecurity processes and methodologies to be employed across the Enterprise and MGMT * Collaborate/coordinate successfully with other contract vendors/Government personnel. * Respond to component questions via helpdesk tickets, Microsoft Teams messages, emails, and phone calls. * Provide recommendations and feedback on the DHS policies. * Provide, develop, maintain, update, store, and distribute weekly/monthly/quarterly/ad-hoc reports, meeting minutes, user feedback as requested by the Federal Lead. * Propose process improvements accordingly to Federal Lead. * Support Cybersecurity process innovation and automation to support the new Cybersecurity processes and methodologies that will be developed in automated tools. * Develop, update, maintain and provide training materials and resources to provide guidance to DHS Enterprise and MGMT on subject areas. * Develop, maintain, update, store, and distribute Standard Operating Procedures for all routine activities to ensure standardization of activities and enable the transition of activities across members of the team. * Develop metrics and recommend improvements for tracking progress on cybersecurity subject areas and programs. * Develop and maintain weekly Executive reports and PMR reports. * Attend Working Groups, meetings and discussions and provide feedback and ideas for improvements. * Develop unique Cybersecurity training materials and resources to provide guidance regarding process, documentation and understanding of responsibilities. This can be provided in-person, online or on a training platform like the Performance and Learning Management System (PALMS) or the Federal Virtual Training Environment (FedVTE). * Develop trainings for users across HQ components based on the new changes recommended by DHS Management for this FY. * Develop and maintain Key Performance Indicators (KPI) and metrics to evaluate the performance and identify key areas of improvements in the subject areas or programs. Recommend changes to improve the quality and reduce the level of effort and elapsed time required for approved metrics weekly to the Federal Lead. * Develop metric reports to evaluate Cybersecurity Risk management and * Scorecard progress on weekly/monthly basis. * Collaborate with other teams to ensure that Cybersecurity processes are effectively maintained and tracked. * Work with DHS Enterprise to identify, develop, and implement Cybersecurity programs best practices, and general guidance for use across the federal government. * Support current and future enhancements and transition of DHS CISOD tools and requirements. Requirements Experience/Years of Relevant Experience: * Required Experience: 4+ years. Education/Certificates: * Bachelor's degree in computer science or related field.
* Certification: CISSP, CAP or Security +Clearance: * Top Secret SCILocation: Hybrid, SCIF, TSA Headquarters 6595 Springfield Center Dr. Springfield, VA 22150