About the position
We are seeking a Senior-Level Cybersecurity Specialist with SAP and DoD experience to design, implement, and sustain cybersecurity protections across a complex defense enterprise environment. This position is responsible for securing SAP and mission systems through robust risk management, A&A activities, vulnerability mitigation, and continuous monitoring. The successful candidate will be a subject matter expert who partners closely with engineers, program leadership, and government stakeholders to ensure systems meet stringent DoD cybersecurity and compliance requirements. The Cyber Security Specialist Senior-Level may identify and resolve highly complex issues to prevent cyber-attacks on information systems and to keep computer information systems secure from interruption of service, intellectual property theft, network viruses, data mining, financial theft, and theft of sensitive customer data, allowing business to continue as normal. The Cyber Security Specialist designs, installs, and manages security mechanisms that protect networks and information systems against hackers, breaches, viruses, and spyware. This individual responds to incidents, investigates violations, and recommends enhancements to plug potential security gaps. Senior-Level is competent in subject matter and concepts and generally considered a specialist in area of assignment. May lead individuals assisting in the work. Actively engaged in the risk management and mitigation, proactively identifies risks and develop plan of actions to address the risks Responsible for typical sets of controls such as firewalls, security of business systems, data leakage protection systems, patching, encryption, vulnerability scanning, pen testing Assessment and Authorization (A&A) work will include technical documentation, working authorization packages in eMASS, assessing cybersecurity vulnerabilities, engineering responses for system Plan of Action and Milestones (POAM), conducting risk analysis for Risk Acceptance Requests (RAR) and providing cybersecurity support for the program and customer meetings Monitor all operations and infrastructure for potential cybersecurity vulnerabilities in order to safeguard the organization’s digital security footprint Document and maintain all security tools and technology Regularly audit policies and controls continuously and improve, remediate, or promptly fix identified issues Keep leadership informed on the state of the information security program
Responsibilities
- Actively engaged in the risk management and mitigation, proactively identifies risks and develop plan of actions to address the risks
- Responsible for typical sets of controls such as firewalls, security of business systems, data leakage protection systems, patching, encryption, vulnerability scanning, pen testing
- Assessment and Authorization (A&A) work will include technical documentation, working authorization packages in eMASS, assessing cybersecurity vulnerabilities, engineering responses for system Plan of Action and Milestones (POAM), conducting risk analysis for Risk Acceptance Requests (RAR) and providing cybersecurity support for the program and customer meetings
- Monitor all operations and infrastructure for potential cybersecurity vulnerabilities in order to safeguard the organization’s digital security footprint
- Document and maintain all security tools and technology
- Regularly audit policies and controls continuously and improve, remediate, or promptly fix identified issues
- Keep leadership informed on the state of the information security program
Requirements
- Bachelor’s degree (or higher) in Computer Science, Engineering or related field
- Must be able to obtain and maintain a Secret level clearance. Preference will be given to candidates that possess an active DOD clearance.
- 7+ years’ experience in cybersecurity documentation and system authorization artifacts in DoD environment (system security plan, lifecycle documentation, continuous monitoring plan, security assessment plan, security assessment report, risk assessment, etc.)
- Strong working knowledge of Information Assurance (IA) concepts such as patch management, multi-factor authentication, host-based security, intrusion detection, security event management and defense-in-depth is required
- Possess certification meeting the DOD 8570.01-M/8140 IAM level III (Security +)
- Working knowledge of cybersecurity controls for the assessment of mission systems
- Familiarity with SAP GRC, SAP BASIS and/or S/4 HANA
- This is a remote role with travel as required to support the program (Conferences or meetings – expect less than 10%)
Nice-to-haves
- SAP experience in one or more of the following areas: Budget, FM, FI, CM, PS, CO, PPS, Payments, MM, SD, PS, SCM, D&S, QM, BTP
- Experience in high complexity problem solving and provide demonstrated knowledge across multiple technical areas and business segments.
Benefits
- Comprehensive medical, dental, and vision plans
- Flexible Spending Account
- 4% 401K Match (immediate vesting)
- Paid Time Off
- Tuition reimbursement, certification programs, and professional development
- Flexible work schedule
- On-site gym and childcare option
