Callahan Enterprises

Careers

Available Positions

We are continuously seeking qualified, motivated individuals with integrity who want to become part of a growing company with a huge potential to succeed. We value our employees and the role they play in our success. We recognize and reward their achievements and we invest in their training, development, benefits and compensation. We take our work seriously and looking for those who do the same, but who also takes pride in solving complex problems and satisfying our clients. Imagination, Innovation, continuous improvement and creativity are all highly desired.

The majority of our positions are in the IT industry. However, we often have administrative, sales, and clerical positions. Our available positions can also be anywhere in the continental U.S.; therefore, all job descriptions for Current Openings show exact locations. Job Descriptions for On-Going Needs may be for multiple locations.

We invite you to explore our web site to learn more about:

•Our company
•Our people
•Our ethics



Cyber Security Specialist

Job Description

Our growing company is looking for a CSS that will be responsible for Information Assurance security oversight and administration of systems and networks supporting trusted operating systems and multilevel security network hardware involving various platforms. Will provide security support for system and network solutions leading to the development of proof of concept and/or system C&A. This person will also participate in technical exchanges, in-progress reviews and related engineering and acquisition meetings and forums, and generate plans and procedures relating to systems security activities.

Requirements


-5+ years of experience with varied information security disciplines, including risk management, assessment and authorization, and security testing
-3+ years of experience with performing security assessments for information systems, developing deficiency findings, and writing system security plans
-Experience with implementing ISO27000 or NIST IT security publications and guidelines, including SP 800-series, FIPS 199, and OMB regulations and FISMA
-Experience with determining systems, network, or infrastructure security requirements and controls against various industry guidance and best practices
-Experience with security control implementation using tools for security control assessments, vulnerability assessment scans, and federal security standards, including FISMA, NIST, DHS, and DIACAP assessment and implementation
-Ability to obtain a security clearance
Additional Qualifications:
-Experience with performing risk assessments
-BA or BS degree
-CISSP Certification
-ISO 27001 Lead Auditor or Implementer Certification


Responsibilities


Performs control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, and recommends remedial action.
Reports to information security management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
Participate in project reviews, incident debriefs and evaluation (such as audit) reviews to understand the issues and gaps, factor into continuous improvement and alter/enhance the education and communication plans.
Engage critical initiatives for security governance and oversight and establish operational security risk assessment program with measures and continuous improvement plans
Plays an advisory role in application development or acquisition projects, to assess security requirements and controls and ensure that security controls are implemented as planned
Contributes to the development of security architecture and security policies, principles and standards
Develops security processes, procedures, and supporting service-level agreements (SLAs) to ensure that security controls are managed and maintained
Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
Develops and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment
Leads and trains team members in the use of security tools, the preparation of security reports and the resolution of security issues
Performs real-time monitoring, intelligence, and incident management activities to ensure is protected at all times.
Evaluate, design, implement and maintain an overall cybersecurity monitoring and incident response capability across the enterprise that provides consistent security monitoring, incident response and follow up investigation and determination of root cause.
 

Michael SandersSecurity, IT, job