Senior Ethical Hacker leading assessments of Bank of America's cyber security systems for applications and technologies. Collaborating with teams to enhance security controls and mitigate vulnerabilities.
About the role
- Information Systems Security Engineer assisting in cyber security requirements for DoD systems. Collaborating closely with customers and ensuring compliance with the DoD Risk Management Framework.
Responsibilities
- Create authorization package records in Marine Corps Certification and Accreditation Support Tool (MCCAST) or Enterprise Mission Assurance Support Service (eMASS) for assigned systems
- Support identification of the system type (IS, IT product, IT service) and any special considerations including multi-service/agency, joint, cross domain, data classification, tactical, space, etc., to support categorization
- Support the determination of the appropriate Defense–in–Depth Functional Implementation Architecture (DFIA) defense level (DL), CYBERSAFE grade, and security categorization in accordance with (IAW) CNSSI 1253 for assigned systems
- Support the generation of controls for assigned systems IAW the DFIA DL, CYBERSAFE grade, security categorization, and applicable overlays
- Assess and document the security control set for assigned systems to determine the applicability and compliance of the individual controls within the security control set
- Develop Cyber Security Strategy based on the security categorization for assigned systems
- Develop Security Plan (SP) and Information System Continuous Monitoring (ISCM) strategy in MCCAST or eMASS for assigned systems
- Support the Security Control Assessor (SCA) and Authorizing Official (AO) review of the security control set to address any feedback received during the review
- Collaborate with the NSWC IHD ISSO and Security Control Validator (SCV) to develop the Security Assessment Plan (SAP)
- Support the NSWC IHD ISSO in implementing and testing the security control set IAW the SAP. Documenting the pre-assessment results in a Plan of Actions and Milestones (POA&M) and Security Assessment Report (SAR).
- Support the SCA and AO review of the pre-assessment POA&M and SAR to address any feedback received during the review
- Assist the NSWC IHD ISSO in providing updates to the Security Validation POA&M to address open vulnerabilities that were verified by the SCV during the official security assessment.
Requirements
- Bachelor's degree from an accredited college or university in Computer Science or Information Management
- Active Secret Clearance Required
- Minimum Five (5) years of professional experience
- At least Three (3) years of experience in defining security programs or processes for the protection of sensitive or classified information
- Sec+, or equivalent, required
- Experience working in a team-oriented, collaborative environment.
Benefits
- comprehensive benefits package
- healthcare benefits
- paid leave
- retirement plans
- insurance programs
- education and training assistance
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Manual Ethical Hacker assessing bank's applications to identify vulnerabilities and mitigate risks. Collaborate with partners to enhance security measures within the Cyber Security Assurance group.
Cybersecurity Engineer ensuring the organization's technological environment and mitigating structural cyber risks. Identifying weaknesses and collaborating across teams for objective contribution.
Associate Director for Cybersecurity leading test strategies at AT&T's cloud security platform. Shaping testing programs and ensuring security and reliability for cloud - native environments.
IT Security Engineer ensuring secure data exchange in the insurance industry. Collaborating on technical security tasks and developing security systems with a focus on efficient data management.
Cybersecurity Engineer involved in maintaining cybersecurity throughout product life cycles. Working with a skilled team to enhance security measures in critical environments.
Cybersecurity Engineer I at Travelers enhancing network security for cloud - based solutions and zero trust architectures. Collaborating on security controls and protocols across systems.
Network Security Engineer handling L2/L3 configurations, firewall management, and operational documentation. Supporting infrastructure - related projects at Arcatem by Artemys with a focus on team collaboration.
Safety & Security Specialist ensuring safety and security at Ohio’s Hospice facilities. Responding to emergencies, patrolling grounds, and communicating with law enforcement as needed.
Member of Technical Staff specializing in Cloud Security at Wind River. Implementing DevSecOps technologies and securing cloud - native environments.