Cybersecurity Lead

Information Technology Strategies, Inc. is a government IT solutions provider servicing commercial and government initiative in various parts of the United States. We are currently seeking a Cybersecurity Lead to work for our company.

Summary:

• Must have a current U.S. Government SECRET / IT-II Clearance. (Sponsorship will not be provided)
• Will serve as a Lead for supporting and enhancing our Oracle EBS 12.x ERP solution. 
• Will provide expert-level support, conduct in-depth analysis of complex problems, serve as a primary technical authority for the Cybersecurity Assessment Program, and guide the development and implementation of advanced security solutions. 
• Provides expert support, research, and analysis for exceptionally complex cybersecurity problems and processes. Implement and enforce cloud security best practices.
• Serves as the technical expert and lead for the Cybersecurity Assessment Program, offering technical direction, interpretation, and innovative alternatives to complex security challenges.
• Applies advanced technical principles, theories, and concepts to the Oracle EBS environment and related infrastructure.
• Contribute to the development of new cybersecurity principles, concepts, and methodologies tailored to the ERP landscape.
• Addresses unusually complex technical security problems, providing highly innovative and ingenious solutions.
• Recommends and evaluates cybersecurity software tools, assisting in the development of software tool requirements and selection criteria.
• Possess a strong understanding and application of the Security Technical Implementation Guide (STIG) process. Develop product-specific STIGs from applicable SRGs (Security Requirements Guide).
• Determines and pursues necessary courses of action to achieve desired security results, often self-initiating assignments.
• Develops advanced technological security ideas and guide their development into final products.
• Serves as the primary expertise source in cybersecurity and evaluations, particularly within the Oracle EBS context.
• Collaborates with Hosting provider's (data center or cloud) Engineering team to ensure strict compliance with security requirements.
• Analyzes information security requirements and proactively address evolving cyber threats.
• Leads vulnerability and CVE assessment and remediation efforts.
• Oversees identity lifecycle management, IAM Permissions, and access controls.
• Works with multiple SIEM tools and possess in-depth working knowledge of Oracle Audit Vault and Database Firewall (AVDF).
• Leads in the creation and maintenance of application security configuration documentation, policies, and standards.
• Possesses advanced-level experience in implementing, developing, managing, and supporting Identity, Credential, and Access Management (ICAM) solutions.
• Utilizes and guide the use of multiple security assessment tools (e.g., Oracle Database Security Assessment Tool (DBSAT)).
• Leads Cyber Operational Readiness Assessments (CORA).
• Must be willing and able to travel to the client site in Washington, DC approximately 25% annually.

Requirements: 

• Must have a current U.S. Government SECRET / IT-II Clearance. (Sponsorship will not be provided)
• Must have one of the following Command Cyber Readiness certifications: Retina scan analysis, Operating Systems (Windows, Unix), Boundary defense (network policy, router, firewall), Internal defense (L2 switch, L3 switch), DNS (policy, BIND/Windows), HBSS (remote console, AV, ABM, PA, HIPS, ePO), Traditional security (Common, Basic, NCV, SCV), Wireless communications (BES, handhelds).
• Must hold a Tenable Certified NESSUS Auditor certification.
• Must hold one of the following IAM Level III Certifications: CISM, CISSP, GSLC.
• Must hold one of the following IAT Level II Certifications: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH.
• As a DISA FSO certified Team Lead, must hold a certification in penetration testing, such as: Licensed Penetration Tester (LPT), Certified Expert Penetration Tester (CEPT), Certified Ethical Hacker (CEH), Global Information Assurance Certification Penetration Tester (GPEN).
• Must currently have or be willing to obtain one of the following certifications: Oracle Cloud Infrastructure (OCI) Foundations 2020 Certified Associate, Oracle Certified Associate (OCA), Oracle WebLogic Server 12c Administrator, Oracle Java SE 8 Programmer I, Oracle Enterprise Manager 12c Essentials (OEM 12c), Oracle Business Intelligence Publisher (BIP) 12c R1: Fundamentals, Oracle Planning 202x Certified Implementation Specialist (CIS), and Oracle Identity Governance 12c: Essentials.
• Must have 7+ years of IT experience.
• Must have 5+ years of Information Assurance (IA) experience.
• Must have 3+ years of experience with DoD Vulnerability Management.
• Must possess expertise in Oracle technologies, specifically in supporting and enhancing Oracle EBS 12.x solutions.
• Proven proficiency performing CCRI/ vulnerability assessment/ penetration testing on networks, databases, computer applications, and IT frameworks.
• Strong analytical and problem-solving skills for resolving complex security issues.
• Strong skills implementing and configuring networks and network components.
• In-depth knowledge and understanding of DOD security regulations and DISA STIGs.
• Strong knowledge of SCAP and RMF.
• Excellent knowledge of and proficiency with: VULNERATOR, USCYBERCOM CTO Compliance Program, Wireless vulnerability assessment, Web Services (IIS, Apache, Proxy), Databases (SQL Server, Oracle), Email Services (Exchange), Vulnerability Scans (NESSUS, SCCM), Phishing exercises, USB Detect, and Physical Security.
• Must be willing and able to travel to the client site in Washington, DC approximately 25% annually.

Work With Us

IT-Strat is a technology consulting company that holds various contract vehicles including best in class vehicles. IT-Strat has supported multiple clients including the Department of Homeland Security (DHS), Customs and Border Protection (CBP) and Immigration and Customs Enforcement (ICE via both prime and meaningful subcontracts). Additionally, IT-Strat has prime contracts with Defense Information Systems Agency (DISA), Defense Logistics Agency (DLA) and many others. We maintain relationships with multiple large businesses.

IT-Strat was established in 2002. We are a certified Woman Owned Small Business. IT-Strat also successfully graduated as a SBA 8(A) company. It was an 8(a) company from 2008 through 2017 and currently still has 8(a) contract vehicles.

Benefits We Offer:

• Four Medical/Vision options including an HSA plan.
• Dental and Orthodontia plan
• Vision Materials plan
• Paid Life, Short-Term Disability, and Long-Term Disability
• 401K Retirement Program with company contribution
• Paid Vacation, Holidays, Sick Leave, Floating Holidays, Bereavement Leave
• Semi-monthly pay cycle

Information Technology Strategies (“IT-Strat”) is an Equal Employment Opportunity employer, and it is our policy to consider applicants for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, and any other factors prohibited by law. Employment selections are based on company and client requirements and the qualifications and skills of the candidate. IT-Strat is committed to actively capitalizing on the diversity of skills, talents, and perspectives of our employees.