Cybersecurity Auditor

• Coordinate with the NSA CSFC PMO on all CSFC related documents and statuses
• Prepare documents required for NSA registration (Checklist, Annex, Deviations, ConOps, etc.)
• Prepare daily, weekly, and monthly reports describing the task status in accordance with task order report template
• Review, manage, control, and maintain security audit log data
• Document and report security-related incidents to appropriate authorities
• Perform annual assessment of NSA capability packages checklists and Cross Domain Solution registrations
• Performs authorization continuous monitoring on all Risk Management Framework (RMF) packages
• Evaluate an array of IT devices (e.g. Windows, RHEL, Cisco routers, switches, firewalls, etc.) for DoD compliance using SCAP Compliance checker, ACAS, Evaluate STIG, and via manual STIG check reviews
• Must be proficient in navigating through the eMASS application
• Provide DoD Cybersecurity analysis and risk based security recommendations for the CSfC system
• Assess CSfC IAW DoDI 8500, DoDI 8510 and NISP SP 800-53
• Review, update and/or develop NSA registration artifacts (e.g., SSP, POA&M, MOU/MOA, topology, network architecture, PPSM, policies and procedures, HW/SW lists.) for CSFC compliance
• Supports CT&E or DT&E activities of system security engineering and program protection activities
• Identify the mitigation controls for identified risks and propose additional strategies for identified vulnerabilities
• Support all Cross-Domain solution requirements
• Act as the Cybersecurity SME
• Consult in other projects when needed
• Continue education and learning new and evolving technology
• Perform special projects and other duties assigned

• Active Top Secret OR active Secret with completed T5 investigation

• Bachelor’s degree in a related field
• 5+ years of experience in cybersecurity
• IAT-III DOD 8570 Certification: CASP+ CE (CompTIA Advanced Security Practitioner), CCNP Security (Cisco Certified Network Professional Security), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) or Associate, GCED (GIAC Certified Enterprise Defender), GCIH (GIAC Certified Incident Handler), CCSP (Certified Cloud Security Professional)

Hamdan Resources, LLC is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer (EEO/AA), making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship and/or authorization to work within the U.S.is required for most positions.