We are looking for a Sr. Cyber Security Lead for an exciting program supporting the maintenance, reengineering, and integration of a set of Army financial management applications in an AWS cloud environment! This program is responsible for the maintenance and architecture of a cloud environment, including management of the family of financial management systems and the oversight of all information technologies and requirements for developing, administering, maintaining, and enhancing automated data and information systems that ensure efficient business operating processes.
This environment consists of multiple managed cloud environments (IaaS, PaaS) and numerous hosted data, applications, and processes that enable Army Planning, Programming and Budgeting (PPB) processes to develop the Army Future Years Defense Program. The cloud environment integrates multiple cloud services, commercial-off-the-shelf (COTS) applications, and custom applications storing data in multiple database engines including Oracle RDS, SQL Server RDS, Postgres, Mongo DB (IaaS), and RedShift, while serving more than 23,000 users. Applications exchange data with multiple other data systems and applications hosted in and out of the cloud. The environment performs a wide variety of automated validation routines, financial control enforcement, and produces outputs for submission to the Office of the Secretary of Defense (OSD).
The intent of the program is to maintain and enhance an IT service delivery model that offers consistency and predictability in client service levels within the cloud environment, improved accountability and efficiency, better cost management, and evolving the organization.
The Sr. Cyber Security Lead fills the DoD RMF role of Senior Information System Security Officer (S-ISSO) and performs integration of cybersecurity compliance (FISMA, RMF), cybersecurity operations, and systems development lifecycle (SDLC) security activities for all applicable environments and efforts. The Specialist provides support to all organization-wide information governance activities and ensures adherence to enterprise information security policies, standards and practices to achieve the required level of consistency, quality and protection to meet overall business needs. The Enterprise Security Specialist provides support in reviewing and editing existing Information Security Policies, procedures, and Standards.
The Sr. Cyber Security lead should have cybersecurity skill and expertise combined with knowledge of Agile application development and DevSecOps—demonstrating established experience with cloud platform services, DevOps practices such as build/release management, secure SDLC DevSecOps practices such as automating security processes in CI/CD pipelines, and general automation. This role must resolve problems, mitigate delays, disputes and escalate issues, requiring the ability to understand complex information, communicate the information to people with diverse professional backgrounds, provide recommendations to adapt and respond to dynamic cybersecurity landscape, and continually improve security processes and posture.
What We Can Offer You: