ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference!
We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their profession. We provide an excellent benefit package which includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more.
Job Description and Tasks: Responsible for risk management activities, managing on-site deliverables and coordinating with the Program Manager and Government functional lead for delivery of Government requirements. Risk management activities shall encompass processes, procedures, and technical operations enabling USTRANSCOM to frame risk, i.e., establish the context for risk-based decisions; assess risk; respond to risk once determined; and monitor risk on an ongoing basis using effective organizational communications and a feedback loop for continuous improvement in the risk-related activities of the organization. In support of these objectives, the successful candidate will have experience with cyber security operations, which include a) Information Systems Security Engineering (ISSE) services; b) Risk assessment development and support; c) Authorization support; d) Security configuration and vulnerability management support; e) software assurance support; and f) security testing and auditing of security controls.
Job Requirements/Required Skills:
Must be a U.S. citizen
Possess an active SECRET level clearance
Possess and maintain Information Assurance Technical Level II (IAT-II): Software Assurance/evaluator, Information Systems Security Engineer qualification
Hold at least one Computing Environment (CE) certification/certificate for the operating system(s) and/or security related tools/devices they support as defined by the contractor’s cyberspace function” satisfying one of the following categories:
Software development (e.g., java, .net. C++, python, Visual Basic, etc.)
Understand network and host-based security devices (e.g., Intrusion Prevention Systems [IPS], Intrusion Detection Systems [IDS], firewall, proxy servers, sensors, switches, routers, hubs) and their role in moving packets securely from source to destination
Understanding of security requirements, testing, assessment and validation procedures, and best practices applicable to physical, virtual, and cloud (Infrastructure as a Service [IaaS], Platform as a Service [PaaS], Software as a Service [SaaS]) based environments
Knowledge of information security technologies (e.g., cryptography, biometrics, forensic analysis, vulnerability assessment, Security Information and Event Management [SIEM])
Understanding of Federal and DoD computer security policies, e.g., Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs), Electronic Communications, Privacy Act, Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management/Modernization Act (FISMA), and Digital Millennium Act
Thorough understanding of NIST Special Publications (SP), and commercial best practices
Desired knowledge of applicable DoD, JFHQ DoDIN, USCYBERCOM, and USTRANSCOM security guidelines and best practices
Thorough understanding of DoD policies applicable to implementation of the DoD RMF
Working knowledge of ISO 27001, 27002
Required computer skills: Microsoft Office (Word, Excel, PowerPoint, Project, Visio), working with PDFs, and other formats as required and in Government designated architecture tool suite
Experience providing technical innovations for a large-scale organization, such the military or other large Government organization
Possess excellent written and verbal communication skills, and have experience in presenting material to senior DoD and non-DoD officials
C4 experience in a military headquarters or command center environment
Knowledge of applicable DoD, JFHQ DoDIN, USCYBERCOM, and USTRANSCOM security guidelines and best practices
COVID-19 Policy: In accordance with Executive Order 14042, all newly hired employees must be able to provide proof of vaccination prior to starting employment, or receive approval for a medical or religious exception.