ApplyJob Type
Full-timeDescription
LOCATION: Fort Meade, MD (Hybrid)- Min 3 days onsite
Company Description:
ASG is a Minority Women Owned small business with over 15 years of experience in federal government contracting. ASG offers system integration and IT services to various clients, including software development and integration, mobile apps, AI/ML analytics, data science, big data, DevSecOps, digital transformation, cloud, and cybersecurity. ASG is CMMI Level 3 certified for Development and Services and holds ISO certifications 9001:2015, 200001:2011, and 27000:2015.
Job Description:
The Cybersecurity Lead Engineer and Subject Matter Expert is responsible for ensuring the security and integrity of information systems within the Defense Information Systems Agency (DISA). This role involves conducting detailed code reviews, implementing security policies, managing security risks, and providing technical leadership in compliance with DISA and DoD guidelines.
What You Will Do:
- Security Policy Implementation: Ensure adherence to DISA's security policies, procedures, and guidelines.
- Code Review: Conduct thorough reviews of code to identify potential security vulnerabilities and ensure compliance with established security standards.
- Documentation: Maintain comprehensive documentation of security assessments and code reviews.
- Risk Management: Evaluate security risks and implement measures to mitigate them effectively.
- Collaboration: Work closely with systems administration and development teams to ensure secure administration and coding practices are followed throughout the software development lifecycle (SDLC).
- Advanced Cybersecurity Tools: Utilize and provide expertise in advanced cybersecurity tools and applications.
- Security Assessments and Audits: Engage in regular security assessments and audits.
- Technical Leadership: Provide technical guidance and mentorship to junior ISSOs and development teams.
- Craft and implement strategies, particularly as they relate to a thorough cybersecurity posture.
- Lead DevSecOps initiatives, integrating security into the software development lifecycle.
- Manage compliance with standards like ISO, NIST, GDPR, and CMMC.
- Drive program risk assessments using the Risk Management Framework (RMF).
- Liaise with program leadership to align programs with government objectives.
- Collaborate with cross-functional teams to integrate services with existing enterprise systems.
Requirements
What We Need:
- Bachelor’s degree in a relevant field or equivalent experience. Relevant training certifications are a plus. In place of a degree, a combination of training certifications and years of experience will be considered.
- 8+ years of experience in cybersecurity.
- ?? 3+ years of experience in information security, particularly in code review and vulnerability assessment.
- Proficiency in programming languages such as Python, Java, and C++ or equivalent.
- Strong understanding of secure coding practices and the SDLC.
- Familiarity with DISA Security Technical Implementation Guides (STIGs) and the Risk Management Framework (RMF) as outlined in DoDI 8510.01.
- Expertise in using cybersecurity tools.
- Experience with security automation tools like Ansible, Chef, or Puppet.
- Familiarity with blockchain, IoT security, and AI/ML applications in cybersecurity.
- Experience in incident response, digital forensics, and handling advanced persistent threats (APTs).
- Excellent writing, editing, and communication skills.
- Proficiency in Microsoft Office (Word, PowerPoint, Excel, Visio) and Adobe Acrobat.
- Ability to communicate findings and recommendations clearly to both technical and nontechnical stakeholders.
- Strong organizational skills and attention to detail.
- Ability to work collaboratively with cross functional teams.
- Strong analytical and problem-solving abilities.
- Adaptability to rapidly changing security landscapes and technologies.
Certifications:
- CISSP, CEH, CISM, CSSLP, DoD 8570.01M IAT Level II or III, or comparable
- Preferred: CCSP, OSCP
Clearance Level:??
- DoD Top Secret (U.S. Citizenship is required)
Additional Information:
At ASG, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to careers @ a2-g.com. We will treat your request as confidentially as possible.
In your email, please include your name and preferred method of contact, and we will respond as soon as possible.
Perks:
At ASG, we want you to be well and thrive. Our benefits package includes:
- Healthcare Benefits
- Paid Time Off
- 401k Matching
- Employee Referral Bonus
- Education Assistance
- Learning and Development resources
- EOE, including Disability/Veterans