Cybersecurity Specialist ‐ Mid Level
Task Area 4: NSS Assessment, Compliance, and Policy Support
· CISSP or CAP or Security+
Security Clearance Required:
· Top Secret SCI
Required Years of Experience:
· Hybrid, SCIF, TSA Headquarters 6595 Springfield Center Dr. Springfield, VA 22150
· Bachelor’s Degree in Computer Science or related field
- Draft DHS National Security System and Sensitive System Policy updates
- Final DHS National Security System and Sensitive System Policy updates
- DHS National Security System Policy and Sensitive System proposals
- Draft DHS NSS Assessment, Compliance, and Policy SupportStandard Operating Procedures and Playbooks
- Draft DHS RMF Processes and Procedures
- Provide Analysis Report from Cybersecurity Threats and Vulnerabilities Research (both OSINT and other sources)
- Capable of providing security control assessments in accordance with NIST Risk Management Framework and the Committee on National Security Systems (CNSS) guidance and standards, validation of those assessments and analysis of DHS NSS and other designated systems, appliances, or applications.
· Assist with the development and maintenance of formal documented NSS Assessment and Compliance SOPs. SOPs shall provide the operational basis for the DHS NSCD Compliance CONOPS.
· Evaluate cyber risk indicators, including those risks stemming from cyber threats and protections that are in place to mitigate those threats. (e.g., Common Vulnerabilities and Exposures (CVE), Computer Emergency Readiness Team (CERT), Information Assurance Vulnerability Alert (IAVM), etc.).
· Continuously tune and update Government provided cyber risk recommendations to specifically designated systems through continuous monitoring through established CONMON processes of select NSCD-defined controls, Plans of Action and Milestones (POAM) monitoring and mitigations, and common cyber threats to DHS assets.
· Provide recommendations and produce consistent comprehensive reports. Activities include:
· Implementation, training, and SOP development and maintenance of implemented solutions
· In-depth analysis to determine trends and patterns of cyber threat information
· Reporting results of all analyses to the Government Leads and DHS NSCD Director
· Document lessons learned after security control assessments and customer on- site assistance visits (COAV).
· Attend regular and ad-hoc NSS related meetings, to include ERB (Engineering Review Board), C-ICCB (Classified Infrastructure Change Control Board), HSDN Safeguarding and Information Assurance (IA) Governance Board, CIACS (Classified Information Assurance Compliance System) status meetings.
· Participate in NSCD Site Compliance
· Fulfill/complete/meet/act in accordance with DHS NSCD guidance.
· Adhere to all CONOPS, DHS NSCD procedures and guidance (CNSS, NIST and DHS 4300B Security Policy) when performing NSS compliance activities/reporting.
· Manage the reporting cyber security compliance events that affect DHS NSS.
· Document all compliance activities, to include any incoming DHS Chief Information Security Officer (CISO) and DHS Information and Analysis (I&A) requests for information.
· Maintain an up-to-date list of Department, Component, and relevant cyber-IA POCs in designated website.
· Utilize DHS NSCD-authorized compliance tracking system(s) tool to track approvals, compliance activities, and reporting.
· Compliance reports shall be in business language and effectively communicate the effect on the mission, what assets were evaluated, what was the resultant cyber risk recommendation, and the plan to mitigate any resultant cyber risk issues.
· Conduct research on cyber threats, assess the protections in place to mitigate cyber threats, determine and document risks associated to the associated DHS NSS asset in the corresponding Risk Assessment Report.
· Keep the DHS CISO and other key stakeholders informed of matters concerning theDHS NSS security posture.
· Serve as an advisor to DHS NSCD Government personnel who represent DHS to external Government Agencies and National Security forums and discussions, as they relate to DHS NSS compliance activities.
· Conduct weekly/monthly POAM monitoring and review to ensure mitigation due dates do not expire, and work with the system owners, ISSOs and other system security representatives to ensure POAM timely closures. To be determined at the order level.
· Provide analysis and feedback on DHS security artifacts when assigned to
· NSCD, to include but not limited to Memorandum of Understandings (MOU), Memorandum of Agreements (MOA), and Interconnection Security Agreements (ISA).
· Support the development and update of DHS NSCD Information Safeguarding and Risk Management Council (ISRMC) processes and procedures
· Propose security policy enhancements, through gap analysis, in coverage and/or new capabilities that would further promote the Department’s national security posture.
· Support the formulation of DHS NSCD Standard Operating Procedures and playbooks for security practices that involve NSCD initiatives
· Perform DHS National Security Exception (NSE) review and analysis in support of Section 508 compliance.
· Prepare documents such as charters, agendas, presentations, and memorandum.
- Maintain distribution groups, points of contact lists, and group membership listings
- Publish messages and notifications to the DHS community
- Coordinate with the CISOD Business Offices to route and track communications with executives and HQ components.
- Create and maintain forms, document templates and a register for CISOD forms and templates which support cybersecurity activities throughout the department.
- Prepare, track, and provide status reports on data calls
- Develop, maintain, and update Standard Operating Procedures (SOPs), handbooks, ConOps and instructions for all internal processes.
- Keep up to date internal SOP/documentations of all processes at a location specified by the Federal Lead (SharePoint, Shared Folder, Knowledgebase, etc.).
- Generate meetings minutes as requested
- Follow and leverage the internal DHS processes to perform their duties.
- Create and deploy custom reports and dashboards, working with the government points of contact, to provide specific content to the government on a need by basis and as otherwise specified by the Federal Leads on a set frequency.
- Provide weekly and ad hoc reports summarizing the adherence to agreed-upon schedules.
- The report shall include detailed summaries of:
- length and number of delays
- recommendations for “get-well” plans
- Additionally, the reports shall summarize the work completed and milestones met to include metrics.
- Generate trending and ad-hoc reports as requested. Reporting includes extractingdata from the CISOD databases, designing, developing, and implementing automatedreports. Data being reported may represent subsets of the overall Performancereporting or new/unique data sets based on entire compliance data stored within thesupporting tools
- Engage and support in planning and coordinating the various Working Group Meetings
- Provide guidance and recommendations to Federal SMEs on processes and projects.
- Provide customer service support to DHS Enterprise by responding andresolving DHS Helpdesk tickets.
- Support modernization of all Cybersecurity processes and methodologies to beemployed across the Enterprise and MGMT
- Collaborate and coordinate successfully with other contract vendors and Governmentpersonnel.
- Respond to component questions via helpdesk tickets, Microsoft Teamsmessages, emails, and phone calls.
- Provide recommendations and feedback on the DHS policies
- Provide, develop, maintain, update, store, and distribute weekly/monthly/quarterly/ad-hoc reports, meeting minutes, user feedback as requestedby the Federal Lead.
- Propose process improvements accordingly to Federal Lead.
- Support Cybersecurity process innovation and automation to support thenew Cybersecurity processes and methodologies that will be developed inautomated tools.
- Develop, update, maintain and provide training materials and resources toprovide guidance to DHS Enterprise and MGMT on subject areas.
- Develop, maintain, update, store, and distribute Standard Operating Proceduresfor all routine activities to ensure standardization of activities and enable thetransition of activities across members of the team
- Develop metrics and recommend improvements for tracking progress oncybersecurity subject areas and programs.
- Develop and maintain weekly Executive reports and PMR reports.
- Attend Working Groups, meetings and discussions and provide feedback andideas for improvements.
- Develop unique Cybersecurity training materials and resources to provideguidance regarding process, documentation and understanding of responsibilities.This can be provided in-person, online or on a training platform like thePerformance and Learning Management System (PALMS) or the Federal VirtualTraining Environment (FedVTE).
- Develop trainings for users across HQ componentsbased on the new changes recommended by DHS Management for this FY