Novetta

Novetta Springfield, VA, USA
Jan 10, 2020
Full time
Job Description: We are seeking an experienced Cyber Lead with a strong grasp of Information Assurance (IA) principles and best practices. This position will provide program execution and Assessment and Authorization (A&A) support for a DoD customer migrating USG IT services and assets to a hybrid cloud architecture. A successful candidate will also provide augmented team leadership to Novetta staff supporting Cyber support to a DoD Cloud Platform-as-a-Service (PaaS) program. The Cyber Program Manager will: Lead team and advise the customer on Information Assurance (IA) and Cyber Security best practices. Manage engineers and technical consultants to support successful accreditation of the hybrid cloud system and successful continuous monitoring and targeted assessments of the cloud PaaS environment. Help design and implement security controls for the environment. Oversee creation of accreditation Body of Evidence (BoE) artifacts. Support the design and implementation of an effective and compliant continuous monitoring strategy. Provide a technical and administrative definition and analysis and recommend alternative solutions to end-users and other stakeholders. Participate in review meetings with the prime contractors and USG staff. Ensure contract deliverables are delivered on time and at high quality. Support ancillary Novetta cyber business development activities. Basic Qualifications: Active TS/SCI clearance. CompTIA Security+ Certification or equivalent IAT Level II certification. 4+ years of experience developing and reviewing accreditation Body of Evidence (BoE) artifacts for IT systems in support of the Risk Management Framework (RMF) accreditation framework. 1+ years of experience with cloud infrastructure and services. Desired Skills: Additional security-related certification. AWS Associate or Professional certification. Strong verbal and written communication skills. 
Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers. BS in Computer Science or related field. Security Clearance: Must have an active Top Secret/SCI. So, what does Novetta do? We focus on three core areas: Cyber, Entity, and Multi-Int Analytics. Our products are focused on processing and analyzing vast amounts of data in these core areas. Our services are focused on helping our customers move from complexity to clarity. At Novetta, we bridge the gap between what our customers think they can do and what they aspire to achieve. Our culture is shaped by a commitment to our Core Values: Integrity: We hold ourselves accountable to the highest standards of integrity and ethics. Customer Mission Success: Customer mission success drives our daily efforts - we strive always to exceed customer expectations and focus on mission success beyond contractual commitments. Employee Focus: We value our employees and demonstrate our commitment to them by providing clear communications, outstanding benefits, career development, and opportunities to work on problems and technical challenges of national significance. Innovation: We believe that innovation is critical to our success - that discovering new and more effective ways to achieve customer mission success is what makes us a great company. GET A REFERRAL BONUS FOR THE GREAT PEOPLE YOU KNOW! With our amazing referral program, you could be eligible to earn outstanding rewards for referring qualified new hires to Novetta. Novetta is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
Novetta Arlington, VA, USA
Jan 10, 2020
Full time
Job Description: We are seeking a highly motivated Cyber Security SME to ensure the security of a cloud-based system working to achieve authorization. The Cyber Security SME will work as part of a team building the Risk Management Framework (RMF) authorization body of evidence, to include: System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, Security Assessment Plan, etc. The Cyber Security SME will ensure that the system is securely configured and properly documented to achieve authorization by working with the prime contractor to achieve Authorization to Operate (ATO). The ideal candidate has experience writing and validating body of evidence documentation for classified information systems using multiple overlays. Basic Qualifications: Active Top Secret clearance. Bachelor's Degree in Cyber Security, Computer Science, Information Technology, or related field. DoD 8570 IAM Level II certification (Security+, CISSP, or equivalent). Experience with NIST 800-53. Experience with Windows and Linux environments. Experience with cloud environments. Desired Skills: AWS Certification or experience with AWS. Other security-related certification. Experience working in a DevSecOps project environment. Strong verbal and written communication skills. Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers. Ability to interface with seasoned Government personnel. Ability to work in a matrixed team environment and support multiple different efforts as needed. Desire to learn new technologies and tools and willing to share your experience with the team.
Novetta Springfield, VA, USA
Jan 10, 2020
Full time
Job Description: The Cyber Security Engineer will work as part of a Cyber Security team responsible for the building, securing, and monitoring of multiple classified and unclassified cloud environments for a government customer. The Cyber Security Engineer will help architect, design, and implement solutions for security products such as Splunk, ACAS/Tenable, McAfee, GuardDuty, etc. Responsibilities include: Operate Splunk components and maintain functionality, to include: clustered environments, forwarder configuration, installing standard configuration files, and conducting SPL queries. Create Splunk dashboards, alerts, and reports. Conduct system analysis and user behavior analysis. Perform ACAS/Tenable Security Center tasks such as building vulnerability and compliance scans, and work with system administrators to resolve findings. Operate and maintain McAfee products such as EPO or HBSS. This includes custom rule set construction and installing agents in conjunction with server configuration and engineering. Work with Engineers, Developers, and the ISSM to document system settings and configurations as part of the Body of Evidence (BOE) for Risk Management Framework (RMF) Assessment and Authorization (A&A) packages in accordance with the NIST 800-53, Rev 4. Basic Qualifications: Bachelor's Degree in Cyber Security, Computer Science, Information Technology, or related field. DoD 8570 IAM/IAT Level II or III certification (Security+, CISSP, or equivalent). 5+ years of experience implementing NIST 800-53 security controls and the Risk Management Framework. 5+ years of experience installing applications and security appliances on servers from scratch.
Desired Skills: Experience building, securing, and/or monitoring Cloud environments (AWS, Azure, or equivalent). Amazon Web Services (AWS) certification. Splunk Certified Power User certification or higher. Experience implementing DISA STIGs on Windows or Linux systems. REGEX or other scripting experience. Ability to operate independently in Windows and Linux environments with command line competence in either/both. Ability to work in a matrixed team environment and support multiple efforts as needed. Security Clearance: Active Top Secret/SCI clearance.
Novetta Columbia, MD, USA
Jan 10, 2020
Full time
Job Description: The Cyber Systems Engineer will assist the Cyber Security Team to generate technical documentation and conduct continuous monitoring of systems, as well as perform the application of security controls and conduct research of threats detected. The Cyber Systems Engineer will provide an interface between the cybersecurity team, the GCS engineering team, and the software development team, taking specific consideration of operating system and application mitigations and security requirements. Responsibilities include: Act as an information security advisor to multiple contractor and government Program Managers. Build and maintain strong, trusted relationships with government accrediting authorities. Act as a liaison between the government client, the contractor and the DAA on all matters relating to information security. Analyze information systems and software to assess their security posture and vulnerabilities. Suggest mitigation or remediation strategies. Track updates to DoD cybersecurity regulations and the security technical implementation guide. Assist engineering with configuration management as it relates to system and software cybersecurity. Advise and assist engineering and development resources on secure coding and engineering practices. Prepare & update certification packages for NIST, DCID, DIACAP, and RMF frameworks, as required. Assist in the sustainment of secure, classified systems and software that are field-deployed. Basic Qualifications: 3+ years of experience with some or all the directives and requirements outlined in the DCID 6/3, JAFAN 6/3, ICD 503, NIST, CNSS and DIACAP policies that govern the deployment of secure information systems. 3+ years of experience in developing and authoring system documentation (System Security Plans, Security Requirements Traceability Matrices, Security Test and Evaluation Plans, etc.) that supports the Certification and Accreditation process.
2+ years of experience with system auditing and vulnerability scanning. 2+ years of experience maintaining cyber-security best practices in production environments. 2+ years of experience analyzing accreditation requirements and guidelines (e.g., STIGs) and translating those into requirements for inclusion into system and software baselines. Desired Skills: BS in an engineering field or equivalent. Understanding of government/defense processes, structures and methods. Served previously in an ISSM or ISSO role; CISSP or similar certification; experience with Microsoft and Linux operating systems; experience in requirements analysis. Experience with scanning tools, specifically NESSUS and Fortify. Systems engineering experience, specifically with military tactical solutions supporting ISR and/or C2 solutions. Security Clearance: Secret clearance required to start; can hold up to a TS.
Novetta Beltsville, MD, USA
Jan 10, 2020
Full time
Job Description: The Cyber Incident Handler provides computer forensic and intrusion analyst support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption. Assists in deterring, identifying, monitoring, investigating and analyzing computer network intrusions. Basic Qualifications: Bachelor's Degree (preferred) in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related academic discipline of science, technology, engineering, or mathematics. Eighteen (18) months+ experience in a SOC. Strong analytical skills. Excellent oral and written communication skills. Extremely detail oriented. Solid understanding of one or more of the following tools: Remedy ticketing system or similar tracking system; Splunk. Solid understanding of network protocols and packet analysis tools. Previous SOC incident handling and response activity experience with some mentoring experience. One or more certifications, including but not limited to: CEH, Security+, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CISSP, CCNA. Security Clearance: Secret clearance with ability to obtain Top Secret.
Novetta Annapolis Junction, MD, USA
Jan 10, 2020
Full time
Job Description: Performs analysis on construction and diagnostics of computer networks, computer network exploitation, research digital forensic analysis, report generation, mentoring, exercise support, and recommendation of new analysis technologies. Provides written and oral assessments regarding the analysis. Assists in the development of new tools, and modifications of existing tools. Basic Qualifications: Bachelor's Degree in Computer Science, Engineering, Software Engineering; or 4+ years of experience in intrusion analysis and incident response may be substituted for a degree. 1+ years of demonstrated experience in Cybersecurity applications and techniques. 2+ years of demonstrated experience in intrusion analysis and incident response. 3+ years of demonstrated experience with TCP/IP fundamentals, Windows and Linux/Unix Operating Systems. Desired Skills: 1+ years of Splunk experience or equivalent courses. Experience with computer network exploitation, construction, and diagnostics of computer networks, network analysis, network threats and risks, incident response, and database research. Technical and narrative reporting. Awareness of applicable computer network exploitation policies, regulations and compliance documents. Analyze network packet information, Windows and Linux/Unix OS system data, executable file data, host data, and metadata to identify and characterize anomalies. Provide reporting on activities and assist in the development and optimization of new and existing tools and techniques to enhance analytic capabilities. Security Clearance Requirements: Active TS/SCI with favorable polygraph.
Novetta Beltsville, MD, USA
Jan 10, 2020
Full time
Job Description: This is a Senior Security Analyst position focused on responsibilities for malware analysis, network monitoring, and ticket support for a Federal Agency at a security operations center. Additionally, this position is involved with the evaluation and operational support of malware and analysis tools, processes and products. Responsibilities include: Conduct dynamic malware analysis. Recommend remediation steps for computer security events and incidents. Identify and recommend process creation and improvements. Support malware analysis systems and tools. Support/mentor analysts on new techniques and information sources. Support ongoing incidents from non-CIRT organizations related to computer security when requested. Willingness to support shift work. Desired Skills: Security+; CISSP; SANS GREM; SANS GCIH and/or GCIA; Certified Ethical Hacker (CEH); Basic knowledge of Java, C, and/or C++.
Novetta Annapolis Junction, MD, USA
Jan 10, 2020
Full time
Job Description: As a cybersecurity professional at Novetta, you'll bridge the gap between what our customers can currently do and what they aspire to achieve by solving problems of national significance. As a member of a team, you'll protect the nation through proactive intelligence collection via computer networks gathered from target information systems. Basic Qualifications: Thorough understanding of TCP/IP and common protocols such as SSH, HTTP/S, SMTP, DNS, BGP, DHCP. Understanding of the OSI model and its relevance to internet technologies. Comfort with the internet threat landscape such as it relates to encryption technology. Desired Skills/certifications: Network+, Security+, CISSP, OSCP, CEH. Any number of Cyber Certifications including but not limited to: GPEN, GXPN, GCFE, GCFA, and OSCP. Special consideration given for the following skills: Degree in mathematics or related experience in cryptanalysis. Certifications or work experience related to encryption technologies. Protocol analysis focused on encryption technologies. Experience with UNIX operating systems. Ability to develop network and malware signatures (e.g. Yara, Snort). C++. SIGINT experience. Level 2: Minimum of eight years' experience with in-depth demonstrated experience. Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.
Novetta Columbia, MD, USA
Jan 10, 2020
Full time
Job Description: Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI. Advise on in-depth security design review and threat/risk assessments. Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs). Conduct site visits and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities. The ISSE will work as part of a team reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for classified information systems, to include: System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, Security Assessment Plan, etc. The ISSE will be the technical expert for cybersecurity in the government program management office. Basic Qualifications: Active Top Secret/SCI clearance. Bachelor's Degree in Cyber Security, Computer Science, Information Technology, or related field. DoD 8570 IAM Level III certification (CISSP, CISM, or equivalent). 5+ yrs experience with NIST 800-53. 5+ yrs experience with Windows and Linux environments. 5+ yrs experience with virtualization or cloud environments. Knowledge of information security and assurance practices and principles. Desired Skills: Other security-related certification. Experience working in a DevSecOps project environment. Formerly or currently a system administrator, developer, or engineer. Experience with MS Active Directory, Splunk, ACAS/Nessus, McAfee, Windows, Linux, AWS Security, etc. Strong verbal and written communication skills. Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers. Ability to interface with seasoned Government personnel.
Ability to work in a matrixed team environment and support multiple different efforts as needed. Desire to learn new technologies and tools and willing to share your experience with the team. Security Clearance: Top Secret/SCI required to start
Novetta Beltsville, MD, USA
Jan 10, 2020
Full time
Job Description: Senior Security Monitoring Analyst with significant experience managing cases with enterprise SIEM systems like Splunk. Experience and a solid understanding of the following technologies: Endpoint security products; IDS/IPS; Email security products for an exchange like IronPort. Experience with one or more of the following tools: RSA/Security Analytics; Wireshark or other information security tools; Remedy; Tanium. Responsibilities include: Four (4)+ years of monitoring and detection with the expertise of deep packet and log analysis. Ability to create IDS/IPS content. Lead SOC analysis activity and log analysis. Expert ability to recognize potential, successful/unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information. Expertise leveraging situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents. Ability to author Standard Operating Procedures (SOPs) and training documentation when needed. Expert understanding of network protocols and packet analysis tools. Deep understanding of Windows and Linux operating system network behavior. Familiarity with basic forensics and malware analysis. Ability to lead on incident research when appropriate with ability to mentor junior analysts. Provide correlation and trending of cyber incident activity. Understanding of concepts of identifying anomalous behaviors. Ability to provide timely and relevant security reports as necessary. One or more certifications, including but not limited to GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security) or equivalent. Security Clearance: Active Secret clearance; TS eligible.
Novetta Arlington, VA, USA
Jan 10, 2020
Full time
Job Description: The Cyber Threat and Intelligence Analyst works in support of a major federal client. This organization provides services that analyze and produce enhanced cybersecurity and threat intelligence information to include threats and potential threats to the customer's personnel, information, and information systems; provides timely and relevant intelligence to assist with mitigating cyber threats confronting the Department; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. Responsible for the delivery of written and oral briefings to stakeholders and community partners across the Foreign Affairs community. Responsibilities Include: The Cyber Threat and Intelligence Analyst will support the customer's overall cyber threat analysis efforts. Researches, analyzes, writes, edits, and proofreads technical data for use in documents such as cybersecurity intelligence bulletins, alerts, and briefings. Attends meetings such as those that determine workflow, requirements, and other required documentation as part of contract deliverables. Ensures documentation is accurate, complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style. Participates in establishing style guidelines and standards for text and illustrations. Contributes to development, writing, and reviewing of SOPs. Creates and utilizes a variety of documentation templates with the goal of standardizing deliverables. Ensures content is developed in an appropriate style for the intended audience to include presentations, bulletins, white papers, memos, policies, briefings, and other products. Acquires subject knowledge by collaborating with analysts and engineers. Assists in coordinating projects from the planning stage; provides additional or missing materials and edits for content format, flow, and integrity.
Researches topics and interviews stakeholders to understand communication product requirements; analyzes business problems and helps prescribe communication solutions. Candidates should possess experience with and knowledge of cyber threat and/or intelligence analysis, and have proven expert written and oral communication skills to include experience with executive-level presentations. Should have knowledge related to the current state of cyber international relations, adversary tactics, and trends, and will possess the ability to work quickly, and a willingness to complete ad hoc, time-sensitive assignments. Basic Qualifications: 5+ years of experience in intelligence or technical analysis with increasing responsibilities. Demonstrated oral and written communication skills. Good working knowledge of cyber threat intelligence analysis. Prior military or intelligence community experience and/or formal analytic training/certification. Strong analytical skills and the ability to effectively research, write, communicate and brief to varying levels of audiences to include at the executive level. Previous experience managing cross-functional and interdisciplinary project teams to achieve tactical and strategic objectives. Desired Skills: Three years of experience in intelligence or technical analysis with a focus on cyber threat analysis. Knowledge of geopolitical issues and events and the use of cyber tools & techniques to influence them. One or more geographic areas of expertise, e.g. East Asia and Pacific, South and Central Asia, Near Eastern, European and Eurasian, South American or African areas. Experience working with data breach analysis. Experience working with open source and social media data platforms to evaluate publicly available information for suspicious or malicious activities. Demonstrated expertise in deploying and maintaining tools to facilitate the flow of intelligence analysis and reports.
Experience with All Source production and knowledge of cyber/technical intelligence. Experience writing contract deliverables such as Event Bulletins, Cyber Digests, and Quarterly Summary Report. A Bachelor's Degree in Computer Science, Information Systems, Intelligence, English, Communications, History, International Affairs or Studies, or other related technical or liberal art discipline is desired. Four (4) additional years of general experience may be substituted for the degree. Certifications Desired: CISSP, CISM, Security+
Novetta Arlington, VA, USA
Jan 10, 2020
Full time
Job Description: The Cyber Threat Mobile Researcher supports a cabinet-level federal agency in their cybersecurity mission. The team provides services that analyze and produce enhanced cybersecurity and threat intelligence information to include threats and potential threats to the customer's information and information systems; provides timely and relevant technical analysis to assist with mitigating cyber threats; supports evaluation, implementation, and operations of tools/technologies used in advanced analysis. The researcher should be able to: Provide expert cybersecurity knowledge of enterprise mobility systems to business and technology teams and facilitate the collaborative development of the security of the mobile technology strategy. Determine the most efficient methodology and path for securing the mobile infrastructure, to include assessing technical configurations and security settings for mobile devices. Understand threats to mobile ecosystems and architect security solutions in support of mobile environments. Assess and integrate iOS, Android, and tablet devices into an integrated mobile threat platform and mobile device management environment. Evaluate, recommend, and support operational changes and modifications to secure the mobile environment. Deliver written and oral briefings to stakeholders and community partners. Basic Qualifications: Bachelor's Degree. Minimum of five (5) years of experience in advanced technical analysis with increasing responsibilities. Good working knowledge of cyber threat concepts and analysis. Familiarity with iOS or Android operating systems. Knowledge of common digital forensic techniques and practices. Experience imaging digital media. Experience flashing and using custom ROMs. Experience utilizing commercial imaging tools such as Cellebrite, Oxygen, or Axiom. Development/analysis of mobile device applications. Ability to read and understand assembly code (ARM, x86, x64, etc.).
Previous experience working in cross-functional and interdisciplinary project teams to achieve tactical and strategic objectives. Proven ability to document and teach team members how to apply advanced analytic techniques to solve complex problems. Solid understanding of enterprise IT cybersecurity operational environments. Desired Skills: Top Secret clearance. Experience with reverse engineering or application tear-down. Experience in security with a focus on forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in similar skill in forensics, network analysis, mobile device forensics related to malicious code, or other similar skill. Experience in intelligence or technical analysis with a focus on cyber threat analysis. Experience analyzing emerging technologies for potential attack vectors and developing mitigation strategies. Ability to evaluate offensive and intelligence-based threat actors based on motivation and common TTPs. Experience with gathering open-source and controlled intelligence to develop a predictive understanding of adversarial strategies, priorities, and overlapping interests. Demonstrated expertise in deploying and maintaining open-source network security monitoring and assessment tools. Security Clearance: Secret clearance and eligibility for TS/SCI.