Mid-Level Information Assurance and Vulnerability Management Specialist for Boeing in Huntsville, Alabama (salary not disclosed) STIG
As an Information Assurance and Vulnerability Management Specialist, you will communicate and collaborate with key stakeholders across the enterprise in regards to cybersecurity related matters. Define and maintain policies, procedures, control objectives and publish implementation guidance. Define policy compliance measures and consult on regulatory compliance. Define and perform vulnerability assessments leveraging threat analysis, known vulnerabilities, and business value to scope and prioritize efforts. Identify the operational environment, the threat against it, the potential impact to it and the most likely courses of adversarial action upon it. Define and manage cybersecurity risk management processes. Perform due diligence for mergers and acquisitions, ensuring cybersecurity risks are escalated to the appropriate management level for action. Act as the primary cybersecurity interface to non-fully integrated subsidiaries, enabling technical interchange and consistent business priorities for Information Security efforts. Provide supply chain cybersecurity risk management requirements and collaborate with procurement agents and other Supply Chain functional representatives to implement supply chain cybersecurity.
Boeing Intelligence & Analytics (BI&A) is seeking an Information Assurance and Vulnerability Management Specialist to join the GMD Systems Integration, Test & Readiness (SITR) program.
Telework Availability: This position is expected to be 100% onsite.
An Information Assurance and Vulnerability Management Specialist performs vulnerability assessments and audits supporting information system and lab security and DoD compliance.
- Facilitate a comprehensive vulnerability management program aligned to program goals and objectives.
- Performs Cybersecurity vulnerability scans and document results on a variety of systems, identify vulnerabilities, utilizing designated vulnerability management tool sets.
- Perform, review and audit Security Technical Implementation Guides (STIGs) utilizing designated tools to ensure compliance.
- Support the development and maintenance of cyber scanning, patching, and remediation, tools and applications.
- Performs periodic and on-demand system audits and vulnerability assessments.
- Perform technical threat/risk and vulnerability assessments and manage vulnerabilities throughout the engineering and information system lifecycle.
- Support the engineering analysis of patches and various system updates and upgrades to determine system consequence of these changes.
- Support and facilitate various ATO packages including processing IAVMs and CTOs for the same.
- Develop and maintain effective, accurate, and timely reporting and metrics.
- Provide technical guidance within a defined organizational team.
- Evaluate and recommend vulnerability management tools and technologies, ensuring the optimal balance of effectiveness and efficiency.
- Bachelor Degree and/or Military experience and/or Combination of education and work experience equivalent to 9 years.
- Secret clearance-US prestart
- Cybersecurity IAT/IAM Level II Certificate or higher IAT/IAM level.
- This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship.
- This position requires clearing a background check and an enhanced Personal Conflict of Interest (PCI) requirements as a condition for employment.
- Experience with Nessus, ACAS, SCAP, and STIGViewer.
- Experience using the Enterprise Mission Assurance Support Service to track POAMs.
- Various cyber related compliance standards: TEMPEST, DFARS Clause 252.204-7012, COMSEC, CNSSI 1253, DOD 8570, NIST 800-160, NIST 800-53 (and 53A), NIST 800-30, NIST 800-171, NIST 800-55, NIST 800-137, NIST 800-39.)
- Excellent team player with strong written and oral communication skills
- Confident in a fast-paced environment with competing priorities, and able to multi-task and manage expectations.
- Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience (e.g. PhD, Master+3 years' related work experience, 9 years' related work experience, etc.).
To Apply: https://hubs.ly/Q01ZJc3C0