Job Description
Xenith Solutions is a small family focused business where we focus on taking care of our employees and customers equally. We are focused on serving Federal / Civilian, Defense and Intelligence organizations with superior service. If you want to be a part of a rapidly growing business with an exceptional culture, then you want to be a part of the Xenith Solutions family.
Serve as a Cybersecurity Team member responsible for the Information Assurance and Security of application, database, and enterprise network services. Responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; basic responsibilities include:
- Implement Cybersecurity Program strategy
- Apply information security in accordance with National/DHS/CBP directives security policy including, but not limited to, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, DHS 4300A, CBP Handbook 1400-05D
- Assess entire system lifecycle requirements and network security impacts
- Support creation of, and ensure approval for, Department of Homeland Security (DHS) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects
- Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures
- Document DHS RMF Security Implementation Plan artifacts. Coordinate and assist development team with application artifact documentation
- Assist government personnel in preparing and presenting Information Assurance Compliance System (IACS) packages to the Control Assessor (SCA) Assess and analyze the current threat environment
- Enhance – Implement Cybersecurity vulnerability/A&A hardening testing
- Optimize – Cybersecurity development environment certification
- Architect & Engineer security – develop security goals, capabilities, controls, and architecture
- Design & Implement security – vulnerability management, build security into development
- Integrate & Test Security – test patches and settings, document A&A artifacts
- Validate & Verify security – validate patch status and software control status
- Implement security – apply patches and security settings, performance incident handling and remediation
- Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation
- Enable assurance for information security during all phases of agile software development and deployment
- Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth
- Identify, assess, and recommend zero-day cyber threat remediation
- Address Cybersecurity issues to help maintain Continuity of Operations Plans (COOP)
- Perform information security vulnerability testing and mitigate any nonconformance
- Supports reviews and audits of continuous system monitoring and contingency planning.
- Updates associated documentation as needed
- Create and manage Plan of Action & Milestones (POA&M)
- Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects
- Understand and assist developers with static code analysis processes
- Report and help investigate security-related incidents and security violations as requested by the Computer Security Incident Response Center (CSIRC)
- Monitor and inspect for approved software usage and implementation of approved antivirus and other security related software
- Develop and maintain security training programs are developed and maintained
You Will Bring These Qualifications:
Must be a U.S. Citizen with the ability to pass CBP background investigation, criteria will include:
- 3-year check for felony convictions
- 1-year check for illegal drug use
- 1-year check for misconduct such as theft or fraud
- College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline
- Certifications: minimum Security+ CE or equivalent, CISSP or CASP preferred
- Demonstrated knowledge DHS 4300A, “Sensitive Systems Handbook”, and CBP Handbook 1400-05D, “Information Systems Security Policies and Procedures Handbook”
- Demonstrated knowledge of NIST Information Technology Security Special Publications (SP) 800 series, with emphasis on NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems” and NIST SP 800-53A, “Guide for Assessing the Security Controls in Federal Information Systems”
- Professional Experience: 7+ years related technical experience
- Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement
- Working knowledge of Federal Information Security Management Act (FISMA) reporting requirements and processes
- Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas
- Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness
- Experience with continuous integration tools and environments
- Experience with scripting languages like Perl, VBScript, Ruby, etc.
- Experience with Computer Network Defense (CND) processes, procedures, and tools
- Acting independently to expose and resolve problems
- Demonstrated experience with HP Fortify Software Security Center
- Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner
- Demonstrated experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage
- Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, WebGateways, and/or enterprise Antivirus software technologies
- Demonstrated experience using IACS
- Demonstrated ability to identify and manage risk
Xenith Solutions LLC is a Service-Disabled Veteran-Owned Small Business founded in 2019. We provide comprehensive, timely and relevant Solutions and Business Consulting support to our customers as a key partner. Our leadership brings over a century of combined experience in Defense and Civilian markets. Our employees possess experience in all aspects of solution development from requirements creation, development, test and evaluation, fielding, and sustainment. At the core of our offerings, we provide strategy and technology solutions, giving our customers valuable insights and thought leadership on the best application of information technology to drive business objectives.
Xenith focuses on solving complex business challenges facing our customers. Our “Success Through Achievement” work ethic means our customer receive quality solutions through our commitment. We pride ourselves on tackling some of the most difficult operational requirements our customers have – ensuring an appropriate match between the mission requirements, financials, schedule, and security.
EEO
Xenith Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.
EEO IS THE LAW
If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Xenith Solutions.
E-Verify
As a Federal Contractor, Xenith Solutions is required to participate in the E-Verify Program to confirm eligibility to work in the United States.
Affirmative Action Plan
As a federal government contractor and based on Executive Orders and applicable laws and regulations, Xenith Solutions develops and maintains annual written Affirmative Action Plans and endeavors to hire and advance qualified minorities, females, individuals with disabilities, and protected veterans.
Job Tags
Full time, For contractors, Local area, Felony friendly,