Aveshka's Insider Threat Division's mission is to detect, deter, and mitigate threats to personnel, technology, information, and systems by analyzing combined data sources to identify anomalous events and counter threats posed by trusted insiders.
Develop and present weekly information system security briefings. Recommend cost effective solutions to mitigate risks within the Insider Threat IT baseline and propose recommendations for improving the information security processes/procedures.
Provide guidance, assistance, and coordination to systems developers, systems administrators, and other IT specialists to ensure verified and timely implementation of IT security standards for systems both under development and already deployed.
Document, manage, and control the integrity of changes to all systems security documentation, including standard operating procedures and user guides that provide detailed instructions for implementing IT systems security policies.
Assist in the selection of minimum security controls to establish a baseline of measures to prevent security breaches of the information system, document the selected security controls in the security plan and initial Risk Assessment Report (RAR), and, document an approved continuous monitoring strategy.
Document the security control implementation, as appropriate, in the security plan, providing a functional description of the control implementation (including planned inputs, expected behavior, and expected outputs).
During each program increment conduct security testing and verify which security controls are implemented correctly, operating as intended, and producing the desired outcome in meeting security requirements.
During each program increment conduct remedial actions on security controls based on the findings and recommendations of the Security Assessment Report and reassess remediated control(s), as appropriate.
Perform daily vulnerability scans and ensure the accountable parties have responded appropriately to vulnerability findings, troubleshoot security threats and vulnerabilities in response to incident reports, and identify/isolate problem sources; and recommend solutions or corrective actions.
Monitor and analyze systems logs daily to identify systems security trends and assess the security effectiveness of installed systems based on analysis of reported security problems.
Possess a minimum of eleven (11) years of information system security experience for senior position(s); or seven (7) years of information system security experience for mid-level positions.
Certified in DoD 8570.01 baseline requirements (e.g. Security + or higher).
Bachelor’s Degree in computer science, information science, management information science, or a math, science, engineering or other technical discipline, related technical certification, or equivalent experience within related field.
Have experience providing information system security services for Insider Threat network, system, software, database systems, and/or data warehouse implementations.
Required Clearance: TS/SCI w/Poly
Desired Qualifications: Scaled Agile Framework for the Enterprise certification desired.
Aveshka is a professional services firm focused on addressing our nation’s most complex threats and challenges. As a small business we’re committed to supporting our clients’ missions with services delivered by our diverse and experienced staff. With expertise in cybersecurity, emergency preparedness, and public health, our experience base spans federal, state, and local governments, as well as private sector entities.
Aveshka encourages collaborative communication and ongoing learning. Some of our benefits include:
Aveshka is an Equal Opportunity Employer (EOE)