Global Networks Inc. (GNI) is looking for a Cyber Security Consultant for our Cyber Security Business Unit for a Prime Contract in Washington, DC.  (Public Trust 6C/No Travel Required. 

Requirements: 

• Bachelor’s Degree Required (Preferred degree in computer science, information systems, engineering, or a related discipline, or other related scientific or technical discipline.)

• Security+ and/or CISSP required in lieu of a Bachelor’s Degree

• 3+ years of experience with Information Security Experience, including conducting Security Authorizations and continuous monitoring activities

• 2+ years of Security Authorization, Plan of Action and Milestone (POA&M) and Continuous Monitoring activities

• 2+ years of expert experience working with federal agencies on POA&M management and remediation procedures supporting IT systems.

• Proficiency understanding the technical architecture of IT systems built using Windows, UNIX, Linux, IBM AIX, VMware, Citrix, Oracle and MySQL platforms

• Experience using and analyzing technical assessment tools such as Nessus, McAfee Vulnerability Manager (MVM), HP WebInspect, AppDetective, BurpSuite, Backtrack, Wireshark, QualysGuard and Redseal

• Understanding of the Federal Information Security Management Act (FISMA) requirements and National Institute of Technology and Standards (NIST) guidelines and special publications

• Understanding of processes used to assess risk and establish security requirements and documentation to ensure that information systems possess security safeguards commensurate with the level of exposure to potential risk, as well as damage to assets or individuals

• In-depth knowledge of information assurance levels and  risk impact thresholds in meeting applicable security policies, standards and requirements to ensure that accrediting authorities have the information necessary to make an objective authorization determination based on an acceptable level of risk

• Ability to analyze, evaluate, and assess information system security policies, processes and procedures necessary to ensure a comprehensive multi-disciplined assessment of technical and non-technical security features and associated safeguards

• Knowledge of System Security Plan, Contingency Plan and Testing, POA&Ms, Risk Assessment, and other security related documents

• Ability to assist ISSOs and/or system owners on addressing security controls and implementation methods in the SSP as well assist in contingency planning and testing, security control assessment and vulnerability scanning

• Able to analyze, assess, control, determine, mitigate and manage risk within a federal management framework or within federal interest computer systems that store, process, display or transmit Personally Identifiable Information (PII). Able to identify, implement and integrate management and administrative risk methodologies for securing critical and sensitive information infrastructures and establishing standards necessary to help protect the confidentiality, maintain the integrity and ensure the availability of critical organizational computing resources

• Knowledge of FISMA regulation, FIPS standards, NIST 800 series and other applicable guidance