• Expert knowledge of Risk Management Framework (RMF) requirements/processes.
• Perform risk assessments and make recommendations to customers Advise government program managers on security testing methodologies and processes.
• Knowledge of current and emerging threats/threat vectors. (Physical, Cyber and Spectrum)
• Knowledge of critical information technology (IT) procurement requirements.
• Knowledge of Personally Identifiable Information (PII) data security standards.
• Knowledge of Personal Health Information (PHI) data security standards.
• Evaluate accreditation and certification documentation and provide written recommendations to ISO ore designee.
• Continuously monitor Cybersecurity posture to accommodate changes to policy, procedures and/or technology.
• Develop and maintain a formal comprehensive Cybersecurity Program.
• Ensure that all Cybersecurity, system administrators, and other IS personnel receive the necessary technical and security training to carry out their duties as well as a comprehensive information security education, training, and awareness program, which includes attending, monitoring, and presenting local IS security requirements.
• Develop, review, endorse, and recommend action by the AO of system certification documentation.
• Develop policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.
• Establish, implement and continuously monitor a comprehensive Risk Management program, reporting any mitigations or countermeasures required to maintain an effective and secure environment.
• Conduct periodic testing of the security posture of the IS thereby safeguarding the configuration management (CM) program for security-relevant IS software, hardware, and firmware are properly documented.
• Ensure that system recovery processes are monitored to ensure that security features and procedures are properly restored IAW customers direction.
• Provide leadership, mentoring, and quality assurance for Cybersecurity Team Members.
  Conduct manual SRG/STIG checklists and remediation.
• Willingness to submit to a Counterintelligence polygraph.
• Willingness to travel within the organizational geographic Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation)

Mandatory Qualifications: