Job ID: S001 (multiple positions)
Location: Northern Virginia
Clearance: Top Secret Clearance Required.
About Special Aerospace Security Services:
Started in 1988, Special Aerospace Security Services (SASSI) is a Woman Owned Small Business (WOSB) focused on delivering national security mission solutions to the U.S. Government in support of their vital role in protecting the United States of America. Known for highly interactive training provided by nationally recognized security experts from a wide variety of different security disciplines. SASSI has three operating Divisions that cover all aspects of security services: Integrated Security Solutions (ISS), Health Security Services (HSS), and the National Security Training Institute (NSTI). Our areas of expertise include: Personnel, Physical, Cyber, and Health Security, including Management Consulting, Risk Management, Emergency Preparedness and Response, and Working Dog Health and Wellness Support.
Provide cybersecurity support services to assist our clients with their cyber security activities. Provide research and analysis on a broad range of cybersecurity topics and prepare technical documentation to support team assessment of risk and prepare recommendations to our client on risk to the organization. A qualified candidate will be responsible for the following primary duties and responsibilities, but are not limited to:
Participate in a team helping to document processes, and procedures to protect highly confidential data
Research and analyze the specific requirements associated with National Institute of Standards and Technology (NIST) to assist the team with plans to satisfy each requirement
Attend strategy meetings and capture key notes, action items, and next steps
Assist Team Lead in the development of executive briefings and project milestone reports
Duties will include but are not limited to:
Provide Cybersecurity Governance, Risk, and Compliance (GRC) services to assist our clients with planning, implementing, and maturing their cybersecurity program activities in alignment with the Cybersecurity Framework. A qualified candidate will be responsible for the following primary duties and responsibilities, but are not limited to:
Assist with the development of policy documents using online research methods and an understanding of basic cybersecurity concepts.
Assist with the generation of metrics to depict compliance data in charts and graphs using MS Excel
Perform as part of a larger team in the documentation of organizational risk assessments through review of system architecture diagrams, vulnerability reports, and a basic understanding of common threat vectors (e.g. phishing, zero-day vulnerabilities)
Participate in the design of a Cybersecurity Awareness & Outreach Program, complete with branding materials, a communication strategy and creative development of awareness products to create a “cyber aware” culture.
2+ years of experience developing or assisting clients with the implementation of cybersecurity policy and regulatory compliance
1+ years of experience supporting the Assessment and Authorization (A&A) process, in accordance with NIST Risk Management Framework (RMF)
1+ years of experience generating, analyzing, and reporting data using Microsoft Excel
Experience writing business process documentation, whitepapers, or technical reports
Experience reviewing or developing system architecture diagrams
Possession of excellent oral and written communication skills
B.A. or B.S. degree in Information Technology (IT) related field (may be waived for equivalent experience)
A professional security certification such as Security+ (alternative certifications will be considered)
Experience with Tableau, Splunk, or Power BI for data analytics
Experience generating RMF A&A Packages
Experience with government organizations (e.g., DoD)
Experience analyzing the security responsibilities of cloud service providers (CSP).