Washington, D.C.

Cybersecurity Service Provider (CSSP) Audit Subject Matter Expert (SME)

Job Specs

Cyber Defense
Washington, District of Columbia, United States

Job Description:

XOR Security is currently seeking talented Cybersecurity Service Provider (CSSP) Audit Subject Matter Expert (SME) for a highly visible cyber security single-award IDIQ vehicle that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff. Department of Homeland Security (DHS) Enterprise Security Operations Center (ESOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS ESOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.

The selected candidate will apply experience as a CSSP Audit SME by planning, coordinating, scheduling, resourcing, tracking, documenting, executing, and analyzing CSSP programs using the DHS Evaluators Scoring Metrics (DoD ESM 9.2).

The CSSP Audit SME will:
- Apply in-depth knowledge of DHS 4300 series, NIST SP 800 series, and DHS regulations or similar DoD regulations.
- Demonstrate successful experience with assessing an organizations maturity level of cybersecurity compliance.
- Demonstrate expert level knowledge of vulnerabilities and weaknesses across complex IT environments and comprehend the applicability of security standards across technologies.
- Demonstrate familiarity with cybersecurity operation center (SOC) operations and cybersecurity sensors and tools.
- Demonstrate experience with the development and coordination of guidance and work products related to issues tracking management and plan of actions and milestones and ensure transparency of maturity level deltas, progress, and challenges within an organization.
- Assist in developing and presenting briefs to senior leaders on the organization’s CSSP activity.

Required Qualifications:

The candidate must be able to attain a DHS EOD Clearance.

The candidate must also possess:
- 4+ years of experience as an IT program expert in the DoD, or Federal Services
- Experience with CSSP assessments
- Experience with supporting the delivery of large and complex projects on time and within budget in government organizations
- DoD 8570 IAT III
- Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; the candidate must be able to attain a DHS EOD clearance with at least a Secret clearance.

Desired Qualifications:Closing Statement:

- DoD 8570 IAM III

XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP REQUIRED and SECRET Clearance