Cyber Assessor

Description

We are a team of visionary leaders who shift the paradigm to bring our customers game changing innovations and emerging technologies to strengthen their missions. As a Vision, Mission, and Driven company, VMD has been delivering information technology solutions to the Federal government in Agile Engineering, Cybersecurity, and Critical Infrastructure Protection since 2002.

Why Join VMD Corp?

At VMD you have the opportunity to thrive in your career and become a Game Changer. The quality and talent of our people is what drives the success of VMD. We embrace an employee-first culture and make it a priority to provide professional development opportunities that foster career growth.

We help protect American Citizens and the nation's most critical infrastructure by working alongside our customers and delivering game changing solutions to strengthen their missions. We believe our passion and commitment to achieve our customers' goals and solve their most critical challenges defines who we are. We don't just dream big, we act on it - through teamwork, dedication, and resilience.

Learn more about VMD culture here:

About the Mission You Will Join:

This Cyber Assessor position will be supporting the NNSA (National Nuclear Security Administration) Associate Administrator for Information Management and Chief Information Officer (OCIO) and will be responsible for conducing technical cybersecurity assessments.

As a Cyber Assessor you will work alongside a team of specialized assessors and will help foster a culture of information sharing. You will ensure that IT investments and projects in all NNSA locations are coordinated, have the necessary cybersecurity protection, align with strategic plans, and comply with Department of Energy (DOE) and Federal requirements, mandates, and laws.

Your Impact to the Mission:

The Cyber Assessor will be responsible for:

• Conducting formal, independent, and objective cybersecurity audits and inspections (onsite and through remote connections) to determine compliance of requirements and assess effectiveness and resiliency of cybersecurity measures applied to IT and OT systems and applications.
• Measuring effectiveness of controls, determine vulnerability exploitability, and document and report findings and impact.
• Making recommendations that adhere to DOE classification requirements with accuracy.
• Providing audit and inspection expertise in accordance with national cybersecurity requirements and industry related best practices for all end nodes and devices connected to NNSA secure networks.
• Demonstrating and utilizing expert knowledge in conducting various types of penetration testing ethically and safely, to include internal, external, wireless, and web application testing.
• Conducting penetration testing of IT and OT systems; conducting technical red, blue, or purple team exercises. Coordinating the use of crowdsource penetration testing capabilities where applicable.
• Utilizing commercial off-the-shelf and open source cybersecurity tools safely, securely, and ethically in the execution of approved testing activities.
• Conducting cybersecurity research and remaining abreast of threats to diverse Information and Operational technologies.
• Taking an active role in helping the Federal staff improve the assessment program by documenting or updating processes and procedures.

Experience Needed to Be Successful:

• Experience in all phases of the planning, development, and execution of a cybersecurity assessment program.
• Knowledge of technical assessments, penetration testing, and technical red, blue, or purple team exercises.
• Ability to provide informed, expert technical opinion and translate technical findings to business impact.
• Highly skilled in baseline cybersecurity requirements for a federal government agency (preferably DOE)
• Highly skilled in research, writing, and communication of technical cybersecurity topics.
• Remains abreast of threats to diverse information and operational technologies.

Basic Qualifiers:

• Education Requirement: Bachelor's degree, or equivalent years of experience
• Can Additional Years of Experience Substitute for Degree?Yes
• Required Certification(s): OSCP, CEH, GPEN, PenTest+, or related industry recognized certifications; satisfy requirements for DoD 8570 Information Assurance Technical III category
• Minimum Years of Overall Experience:12
• Minimum Years of Specific Experience in Field:8
• Minimum Clearance to Start:Top Secret or Q Clearance
• Work Status Allowable:US Citizen

The Type of Person That Will Excel:

• Enjoys learning and keeping up with industry trends and best practices.
• Impeccable time and organization skills.
• Possess effective writing and presentation skills.
• Capable of thinking outside-the-box
• Motivated
• High attention to detail

Travel and Telecommuting:

• Travel:Significant (between 25%-75%)
• Telecommute Options: This position will involve travel to various customer sites across the U.S. for up to (2) two weeks per month. When not traveling onsite, the position can be remote.

VMD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable Federal, state and local laws. VMD maintains a drug-free workplace.