IT Project Manager Job at Fusion Technology-LLC

Fusion Technology-LLC Washington, DC 20001

Job Description:

The DHS S&T program within Fusion Technology is seeking an IT Program Manager local to Washington D.C. PMP Required.

IT Program Responsibilities:

  • Validating all information system security reporting.
  • Overseeing the Plan of Action and Milestones (POA&M) process.
  • Maintaining an inventory of all S&T information systems.
  • Developing and publishing procedures necessary to implement the requirements of DHS IT security policy for S&T information systems.
  • Supporting the S&T CISO in ensuring that security issues are being addressed in configuration reviews and Change Control Boards (CCBs).
  • Implementing an IT Security Review and Assistance Program to aid the ISSOs in authoring security assessment and authorization documentation.
  • Scheduling IT security review and assistance visits, ensuring these visits are completed, and participating in them.
  • Coordinating with ISSOs and providing guidance and oversight in identifying and documenting deficiencies and prioritizing them based on the mission, risk, and funding.
  • Evaluating configurations and implementation of firewalls, proxy servers, routers, Virtual Private Networks (VPNs), Intrusion Detection System (IDS), wireless networks, etc. against legal requirements, departmental/local policy, industry best practices and vendor recommendations.
  • Conducting vulnerability assessments and penetration testing for all IT systems, with the assessment/testing level to be based on each system’s status within the security assessment and authorization cycle and authority to operate status. Analyze systems for potential vulnerabilities that may result from improper system configuration, hardware or software flaws, or operational weaknesses. Respond to vulnerability issues within 5 calendar days of occurrence. Present any security issues that are found to the system owner with an assessment of their impact and a recommendation for mitigation or technical solution. Providing oversight of penetration testing and ethical hacking services in network, wireless and web application environments; these shall include Social Engineering (including but not limited to the ability to perform Phishing and Spear Phishing); these services should be performed following a documented and standardized methodology. The goals and objectives for each exercise will be determined by the S&T CISO.
  • Performing static code reviews as required, based on a given system’s status within the security assessment and authorization cycle, authority to operate status, and estimated risk profile. Static code review includes analyzing systems for potential vulnerabilities that may result from improper system configuration, hardware or software flaws, or operational weaknesses. The Contractor shall also perform static code analysis on software developed in-house and by contracted developers. The Contractor shall present any security issues that are found to the ISSO, Compliance Officer, system owner, authorizing official, and the S&T CISO along with an impact assessment and a recommendation for mitigation and technical solution.
  • Reviewing National Institute of Standards and Technology (NIST) publications applicable to FISMA and other directives for applicability to the DHS IT Security Program.
  • Ensuring coordination among the DHS Security Operations Center and the Information Security Vulnerability Management Program when vulnerability assessments cross multiple Component responsibilities.
  • Ensuring DHS encryption policy is implemented and enforced and advising project managers on the implementation of DHS encryption standards.
  • Maintaining an appropriate security management posture for all S&T IT systems and assets.
  • Conducting annual IT security refresher training for all S&T members (Fed and Contract).
  • Coordinating cyber training for S&T personnel and other specialized admin training.
  • Supporting S&T CISO continuous monitoring initiatives by collecting, compiling and providing monthly Compliance & Testing submissions for inclusion within Cyber Scope.

Job Types: Full-time, Contract

Pay: $110,000.00 - $120,000.00 per year

Benefits:

  • 401(k)
  • 401(k) matching
  • Dental insurance
  • Flexible schedule
  • Flexible spending account
  • Health insurance
  • Health savings account
  • Life insurance
  • Paid time off
  • Parental leave
  • Professional development assistance
  • Referral program
  • Relocation assistance
  • Retirement plan
  • Tuition reimbursement
  • Vision insurance

Schedule:

  • 8 hour shift
  • Monday to Friday

Ability to commute/relocate:

  • Washington, DC 20001: Reliably commute or planning to relocate before starting work (Required)

Application Question(s):

  • Are you a current U.S. citizen?

Education:

  • Bachelor's (Preferred)

Experience:

  • IT Program Management: 7 years (Preferred)

License/Certification:

  • CISSP (Preferred)
  • CISM (Preferred)
  • PMP (Required)

Work Location: One location



