4323 - Expert Windows Engineer

OVERVIEW:

Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive technical assessments and perform detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 rev 5 security controls.

GENERAL DUTIES:

• Leverage extensive technical expertise in Windows systems, Active Directory, and IIS to perform independent review and assessment of Technical Security controls in support of JCIP Inspections.
• Interact with leadership and site technical staff in advance of conducting inspections.
• Interview organizational subject matter experts to conduct STIG, SRG, and IC policy checklist assessments. Collect data to support Threat Informed Critical Controls List (TICCL) reviews.
• Provide written input on security control assessments.
• Participate in planning, execution, and reporting of reviews and vulnerability assessments with minimal supervision. Prepare assessment deliverables.
• Communicate findings and their impact through clear presentations and written reports.
• Stay up to date with latest trends and technologies related to Microsoft Windows, Active Directory, and IIS to continuously refine inspection protocols.
• Travel as required to support remote inspections. (8-12 weeks of travel avg, some international and passport required).

REQUIRED QUALIFICATIONS:

• Possess a master's degree, with 8+ years of total experience/equivalent certifications.
• Knowledge:
  • Proven experience administering, maintaining, or engineering Microsoft Windows systems, Active Directory, and IIS web servers (preferably all three).
• Skills:
  • Strong interpersonal and communication skills for effective interaction with various stakeholders and team members.
  • Ability to interpret and apply STIGs, NIST 800-53 controls, and JCIP programmatic requirements.
• Abilities:
  • Demonstrated experience leading security projects and initiatives.
  • Collaborative team player with experience working in mixed technical environments.
  • Ability to conduct independent technical reviews and escalate complex findings appropriately.
  • Demonstrate technical capability with Microsoft Windows technologies and processes.
• Certifications:
  • Obtain an IAT-III or Maintain IAT Level III Certification in compliance with DoD 8570.01-M and or DoD Directive 8140 Cyberspace Workforce Management.
  • CASP+ CE
  • CCNP Security
  • CISA
  • CISSP (or Associate)
  • GCED
  • GCIH
  • CCSP

DESIRED QUALIFICATIONS:

• Master's degree may be substituted with a bachelor's degree and 5+ years of additional experience/equivalent certifications, for a total of 13+ years.

CLEARANCE:

• TS/SCI minimum