Job Details
Paragone Solutions is seeking a
Information Systems Security Manager/Developer
to provide information technology security excellence in support of the Food, Nutrition and Consumer Services (FNCS). The qualified candidate will be
Responsible for the cybersecurity of a program, organization, system, or enclave. They will design, develop, test, and evaluate information system security throughout the systems development life cycle.
This position will be primarily onsite, Monday-Friday during core hours (7:30am-6:00pm) in Alexandria, VA; Occasional remote work will be authorized (ex. inclement weather).
* This position is contingent upon contract award. A letter of commitment will be required to submit along with candidate resume.
Responsibilities Include:
Analyze design constraints, trade-offs, and system/security design considering life cycle support.Apply security policies to interfacing applications, assess cybersecurity measures, threats, and vulnerabilities, and develop security risk profiles.Build, test, modify prototypes, and conduct Privacy Impact Assessments (PIAs) for PII protection.Design and develop cybersecurity products, hardware, OS, software, and ensure data backup capabilities.Develop and direct system testing, validation procedures, and security design documentation.Create Disaster Recovery and Continuity of Operations plans and test before production.Develop risk mitigation strategies, countermeasures, and security solutions for systems/applications.Identify, allocate, and describe security functions and remediate technical problems.Prioritize essential system functions for recovery, assess cybersecurity products, and implement security designs.Perform risk analysis for major changes, provide implementation guidelines, and input into Risk Management Framework activities and documentation.Store, retrieve, and manipulate data for system analysis, support security testing, and use models to predict system performance.Design key management functions, analyze user needs for system security development, and document cybersecurity activities.Integrate SDLC methodologies, employ configuration management processes, design, implement, test, and evaluate secure interfaces, and update system security measures.Address security requirements, develop mitigation strategies for risks, perform security risk assessments, conduct security reviews, and identify architecture gaps.Provide input to implementation plans, trace system requirements to design components, and verify system architecture stability and scalability.Acquire and manage resources for IT security goals, enterprise continuity, and compliance activities.Advise senior management on risk levels, security posture, cost/benefit analysis, and changes affecting cybersecurity.Collect, maintain, and communicate cybersecurity data and its value throughout the organization.Collaborate on enterprise continuity strategies and ensure cybersecurity requirements are integrated.Evaluate, validate, and implement security improvements, inspections, tests, and reviews.Establish and maintain enterprise information security architecture and monitor its effectiveness.Develop and direct security testing, validation, and risk mitigation strategies.Identify and prioritize security functions, strategies, and alternative solutions.Interface with external organizations to disseminate incident and cybersecurity information.Lead IT security alignment with strategy, manage budgets, staffing, and training programs.Monitor and evaluate cybersecurity safeguards, threat analysis, and incident response.Oversee and provide input on security training, risk assessments, policy standards, and procurement processes.Track audit findings, ensure mitigation actions, and compliance with guidelines and laws.Support and manage security requirements in acquisitions, procurement, and system life cycle.Promote security awareness and ensure IT policies reflect the organization's mission and goals.Qualifications:
Recent experience supporting information security or cybersecurity projects for theFederal government or USDA is preferred.Demonstration of strong leadership and management experience.Experience in cloud security and guiding the secure implementation of cloud solutions is required.Recent experience in supporting the secure implementation of cloud native and emerging technologies (artificial intelligence, robotic process automation, etc.) is preferred.Requirements:
A bachelor s degree in cybersecurity, information technology or a related field from an accredited college/university is required.Required Certifications include one or more of the following:
Certified Information Systems Security Professional (CISSP)Certified Information Systems Auditor (CISA)Certified in Governance, Risk and Compliance (CGRC)Certified in Risk and Information Systems Control (CRISC)Certified Information Security Manager (CISM)
Certification(s) in Splunk Enterprise, Tenable vulnerability management and Tanium.
Paragone Solutions, Inc. is a boutique provider of services to the Department of Defense. We are a process-oriented (i.e. ISO 9001 certified) services company that provides cybersecurity, IT training, and industrial health/occupational safety support services. Founded in 2008, we are a certified woman-owned small business and a SBA certified 8(a) firm. Paragone offers competitive salaries and a relaxed, life-friendly work environment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#ZR#J-18808-Ljbffr