Vacancy expired!
Cyber Security Architect/Engineer III Digital Integration - IVS Engineer Apply knowledge of Cybersecurity governance, policy, compliance, and risk management to strengthen the security posture of a large organization. Leverage knowledge of Cybersecurity Frameworks, including NIST and Access Control Frameworks. Demonstrate knowledge of industry best practices to analyze the development of Digital Identity Verification Services. NOTE: This resource must have the following experience to be eligible as this role is specific for a SME to help USPS achieve NIST IAcertification for IVS In Person Proofing. This position would be working under a USPS lead and with a Third Party Auditor for Kantara certification. Basic Qualifications: -Lead the security assessment effort for an Identity proofing solution - compliance with NIST 800-53 moderate control requirement -Manage and track security project tasks, including security controls development and implementation, security testing and remediation, compliance tracking, and documentation. -Work with technical POCs to ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc. -Assist in estimating Level of Effort (LOE) involved in performing Audit activities -Help document residual risks and provide the cybersecurity risk analysis and mitigation determination results -4+ years of experience with security governance and security assessments -3+ years of experience developing security documents to meet RMF requirements -Experience with leading working groups and obtaining consensus and buy-in across varying stakeholders -Knowledge of effective communication concepts, tools, and techniques -Knowledge of the Risk Management Framework (RMF) -Knowledge of NIST 800-53 and NIST 800 - 63 guidelines -Ability to understand and apply the NIST 800-53 security families to the current agency security posture -Working knowledge of NIST 800-63 -Experience in preparing for / performing an IT assessment and reviews -Experience in developing and/ or updating procedural documents in accordance with organization policy and NIST standards -Ability to obtain a security clearance -BA or BS degree Additional Qualifications: -Experience with Identity and Access Management implementations, toolsets, or policy preferred -Experience with security policy analysis, metrics capture and analysis, security education, application vulnerability assessments, risk analysis and compliance testing, and project management -Ability to apply Cybersecurity and privacy principles to define organizational requirements relevant to confidentiality, integrity, availability, authentication, and non-repudiation -3+ years of security assessment / audit readiness / networking and/or security engineering experience -Possession of excellent interpersonal, analytical, problem-solving, organizational, issue resolution, and customer relationship management skills -Possession of excellent oral and written communication skills- Ability to communicate orally and in writing with and executive-level clientele -CISSP or CISM Certification preferred Additional Provisions:
