Jacobs is looking for talented individuals to join our team for DISA's Joint Interoperability Test Command (JITC) supporting the Test, Evaluation, and Certification (TEC) contract. We are seeking candidates who have skill sets that can support the full spectrum of IT communication systems and software test and evaluation.
Jacobs is seeking Cybersecurity Tester Principal to join our team of qualified, diverse individuals. This position is located at DISA HQ, Fort Meade, MD. The candidate will support Joint Interoperability Test Command (JITC) on the Cyber Situational Awareness Systems/Analytics (CSAS/A) task by conducting program/system related security planning, testing, data collection, data analysis, and reporting.
The Cyber Security Tester must be able to apply policies and Test engineering methodologies to analyze effectiveness and impacts on systems under test. The Cyber Security Tester must be able to function under limited supervision while supporting a full range of responsibilities. The Cyber Security Tester must be able to function in a test laboratory environment. Must currently possess and maintain a Secret security clearance.
- Prepare Risk Management Framework (RMF) documentation
- Conduct Lab Based Security Testing and Evaluation (ST&E)
- Perform Static code and dynamic code analysis (Fortify)
- Support the development of mitigations for software vulnerabilities found during analysis/test
- Interfaces with/presents briefings to Government and Contractor personnel.
- Perform a variety of cyber security assessments
- Work in a laboratory environment
- Provide timely feedback to the team, JITC, customers on identified problems, and associated mission effects
- Travel up to 6 weeks per year
- Master's degree and 8 years of experience; or
- Bachelor's degree and 10 years of experience.
- The degree must be in a relevant technical curriculum and experience must be related to the job duties.
- Requires DoD 8570 certification (CISSP, CISA, CASP, GCIH, GCED, or Security+). Additional certifications in the area of specialization may be substituted for 1 year of experience.
Experience: Financial project monitoring, Financial forecasting, Recruiting, Staff management & talent development, Customer relationship management, technology familiarity and willingness to learn new technologies (e.g. cloud, automation of cybersecurity, API Development, static code testing, penetration testing)
- Two years' experience as System Administrator with hands on knowledge of OS and application hardening
- Experience with cyber security testing (Vulnerability analysis, penetration testing) on developmental systems
- Familiarity with Agile SW development preferred
- Experience with various cyber security tools for conducting vulnerability analysis of software, operating systems, network devices
- Understanding of NIST RMF
- Familiarity of tools such as eMass, Fortify, ACAS
- Familiarity with OWASP Top Ten and DISA Application Software Development (ASD) STIG requirements for the protection against common cyber-attack approaches
- Must have Secret Clearance at time of hire.
- One or more cyber security related certification
Work may involve sitting or standing for extended periods of time. Position may require filing, typing, and reading from a computer screen. Must have sufficient mobility, included but not limited to: bending, reaching, turning and kneeling to complete daily duties in a timely and efficient manner. There is a possibility that due to parking availability and location of work, walking moderate to long distances may be required.
An inside and outside environment (considerations: closed quarters, close together, lighting). Needs to be able to work well with co-workers and all levels of management. No hazards on job or unusual environmental conditions.
Equipment and Machines
Ability to operate office equipment such as a personal computer, printer, copy machine, telephone, fax machine and other equipment including desk supplies and other work related tools as required.
Core work hours will be between 9:00 a.m. - 3:00 p.m. Monday - Friday. Regular attendance of scheduled hours is extremely important, but not critical, except for deadlines and meetings. Punctuality and regular attendance are necessary to meet deadlines. Must exhibit flexibility of work hours to adjust to surge situations based on critical mission requirements.
Other Essential Functions
Must demonstrate professional behavior at all times when dealing with customers, management and co-workers. Must have clear, concise and accurate communications skills in English, both verbal and written. Grooming and dress must be appropriate for the position and must not impose a safety risk to employees or others. Must maintain a positive work atmosphere by behaving and communicating in a professional manner. Independent personal transportation to office or work site is required. Travel to and from customer's locations and the test fields may be required to support projects. This may involve airline travel. In some cases, accommodations can possibly be made for POV, if necessary. When operating any vehicle for work purposes, must wear seat belt and in addition, no cellular devices are to be used when vehicle is in motion.