Software Engineer (Annapolis Junction, MD)
Position Location: Annapolis Junction, MD
Seven (7) years experience in software development/engineering, including requirements analysis, software development, installation, integration, evaluation, enhancement, maintenance, testing, and problem diagnosis/resolution.
Two (2) years experience in the SIGINT environment.
Knowledge of and experience with PHP, NodeJS, AngularJS, D3js, MongoDB, and HTML/CSS.
Knowledge of and experience with NGINX, Redis, Jenkins, and Elasticsearch/ Logstash/ Kibana.
Knowledge and experience with internals of HDFS, HADOOP, and/or Google’s BIG TABLE.
Experience with Hadoop clusters with 1000 or more cores.
Familiar with the software development process described in the J-STD-016 and IEEEIEIA 12207, “Information technology-Software life cycle processes” and possess at least two (2) years of experience developing software in accordance with these standards.
Able to communicate directions and provide guidance to junior programmer/analysts.
Four (4) years demonstrated experience developing software for one of the following: Windows, UNIX, or Linux (Redhat versions 3-5) OS.
Experience on at least one Object Oriented System.
Extensive experience in planning and accomplishing goals and complicated tasks and providing consultation on complex projects as top-level contributor or specialist.
Experience in evaluating project needs, determining tasks and durations and allocating resources.
Knowledge and experience with developing distributed storage routing and querying algorithms.
Six (6) years of experience developing software using the Java programming language. At least four (4) years of this experience must have been obtained in the last seven (7) years. At least four (4) years of either C or C++ Windows/Linux programming experience.
Experience developing solutions integrating and extending COTS products.
Demonstrated technical writing skills.
Firm grasp of modem computer programming with a minimum of six (6) years’ experience in programming and development of application software for complex systems and software testing.
Experience “wrapping” legacy systems or components as Web Services within a SOA framework.
A Bachelor’s Degree in Computer Science is highly desired which will be considered equivalent to two (2) years’ experience. A Master’s degree in a Technical Field will be considered equivalent to four (4) years’ experience.
NOTE: A degree in Communications, Computer Science, Mathematics, Accounting, Information Systems, Program Management, or similar degree will be considered as a technical field.
TS/SCI with full-scope polygraph
Business Development Support (Leesburg, VA)
Position Location: Leesburg, VA
The Business Development Support position aids in the development and maintenance of CENTERPOINT’s federal business opportunity pipeline and other related projects as needed.
Positive attitude and ability to effectively work with others
Proficiency with Microsoft Word and Excel, experience with other Office Suite tools
Good written and oral communication skills
Positive and energetic attitude with a strong desire to meet goals, priorities, and commitments
Excellent problem-solving skills
Good organizational skills
Ability to pay attention to detail, and to work independently with minimum supervision
Education: Some college preferred. Relevant and equivalent experience may be substituted.
This is a part-time position, approximately 10 hours per week.
Please send a note of interest or resume to firstname.lastname@example.org.
This position is located in the Leesburg HUBZone and needs to be filled by a resident of a HUBZone. To determine if you live in a HUBZone, go to map.sba.gov/hubzone/maps/.
Senior Director of Cybersecurity (Leesburg, VA)
Position Location: Leesburg, VA
The Senior Director of Cybersecurity will provide strong leadership and guidance for CENTERPOINT’s cybersecurity practice with the responsibility of maintaining and improving the company’s capabilities to Protect Our Nation and Our Way of Life. The Senior Director of Cybersecurity will drive cybersecurity strategy and company capabilities in the areas of security operations, incident response, vulnerability management, insider risk, security assessment, penetration testing, security awareness, cloud security, and compliance. The Senior Director of Cybersecurity will work closely with other company leaders and government stakeholders to accomplish these objectives.
Ongoing development, delivery and communication of a comprehensive Cybersecurity strategy and roadmap to continuously improve cybersecurity capabilities. This includes reviewing proposed investments in technology and resources to ensure alignment with business objectives.
Maintain and improve CENTERPOINT Insider Threat program, in close collaboration with HR and Legal leadership, to more effectively track and respond to insider threats.
10-15 years’ experience working with all levels of Management as well as directing project teams
Deep technical experience and knowledge of Information Security, Information Systems, networks, cloud, etc.
Working knowledge of FISMA, FedRAMP, NIST Risk Management Framework, C&A/A&A
Ability to influence teams, establish direction, create an atmosphere of trust, leverage diverse views, encourage dialogue, and encourage improvement and innovation
Identify and resolve issues quickly and effectively with ability to make timely decisions with limited information
Excellent communication skills
Prepare and present concise, accurate and complex written and verbal documents
Ability to manage multiple tasks in a fast-paced work environment.
Information Security training and certifications:
IAM Level 3 Certification (CISSP, GIAC, CISM, etc.) Required
Security Control Assessor (Ft. Belvoir, VA)
Position Location: Fort Belvoir, VA
The candidate will perform security controls assessments that are an integral part of the Assessments and Authorizations process. The candidate will perform A&A scanning, comprehensive assessment testing, penetration testing, documentation, reporting, and analysis requirements. This includes performing dedicated functions for all client missions involved with Assessments and Authorizations or compliance with applicable National Intelligence Community or Department of Defense information security guidance.
The IA professional will perform comprehensive security assessments of identified and applied security controls; provide summaries of initial assessments in Security Assessment Reports (SAR) addressing the technical evaluation and results of assessment, identify weaknesses or deficiencies, and recommend corrective actions for risk mitigation. They will perform and assess the degree to which a system is compliant with operating systems, network, and application security STIG reviews. The IA professional will perform host and network based security control assessments, determine residual security risks, prepare assessment test reports, prepare and assess test plans, and provide formal recommendations in support of authorization.
They will perform mobile device and mobile application security reviews and document results of such reviews. Provide testing support for evaluations and shall provide specific test plans and testing services tailored to security controls of the systems being tested. The tester will use client accepted tools and techniques, including but not limited to manual testing, web assessment software, vulnerability scanning, pen testing tools, and in house scripts as approved by the client. Test may be conducted either remotely or locally on the systems to ensure compliance and to identify security vulnerabilities, risks, threats, and gaps. The IA professional will assist with providing detailed test plans and conducting security testing of security controls specific to security boundaries, including Cross Domain Solutions (CDS). They will augment cyber penetration testing activities in the planning, execution, tracking, and reporting of Blue/Red Team Assessments consisting of identifying and exploiting vulnerabilities on client systems. In this role, they will coordinate and conduct Blue Team assessments to identify vulnerabilities and correct weaknesses in client networks. The Blue Team will work cooperatively with Key Components (KCs) to provide notification and make recommendations to mitigate those vulnerabilities and assist in corrective actions.
Must have current TS/SCI and able to pass polygraph with 60 days of hire
Working knowledge of NIST SP 800-53A, ICD 503, FISMA, DCID 6/3, relationships between IC and DoD policies for assessment and authorization
Skill in using network analysis tools to identify vulnerabilities
Skill in assessing the robustness of security systems and designs
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes
Skill in developing and apply security system access controls
Skill in assessments of industry IT operating system, software database, or hardware
Skill in systems engineering, requirements analysis, system development, software development, or
hardware development as applied to the information assurance or cyber security field
Ability to prepare the various types of security related documents
Ability to conduct vulnerability scans and recognize vulnerabilities in security systems
Ability to evaluate the trustworthiness of the supplier and/or product
Ability to evaluate the adequacy of security designs
Ability to establish effective working relationships internally and externally to the client organization
Must have 8570 (IAM or IAT level III cert)
Working knowledge of roles and procedures of red/blue team activities
Working knowledge of commercial or military software development methodologies, process, and
Working knowledge of web services protocols, including Simple Object Access
Protocol (SOAP), Web Services Description Language (WSDL), and Universal
Description, Discovery and Integration (UDDI)
Working knowledge of structured content tools and languages, and content management systems
Experience using XACTA
Developed technical documentation and white papers
Knowledge of virtualization technologies and virtual machine development and maintenance
Knowledge of emerging security issues, risks, and vulnerabilities
Skill in identifying gaps in technical capabilities and in talking to others to convey information
Experience within the Intelligence Community
Certified 8570 IAM or IAT level 3, (CISSP, CISM, CASP, CISA or GSLC certification - CISSP preferred)
EDUCATION & EXPERIENCE:
Typically requires a Master’s degree or equivalent and 10+ years related experience.
Cybersecurity Engineer - Assured Compliance Assessment Solution (ACAS) (Ft. Belvoir, VA)
Position Location: Ft. Belvoir, VA
Labor Category Description:
Work Role Duties:
Perform vulnerability analysis and management.
Maintain knowledge of Assured Compliance Assessment Solution (ACAS), HP Fortify Web Inspect.
Maintain thorough knowledge of IT including, but not limited to, network sub netting.
10+ years experience
Experience in performing three or more areas: information security compliance, risk management, security engineering, system certification, IT operations security. Bachelor’s Degree or equivalent experience within related field.
Active TS/SCI clearance.
Graduate Degree or equivalent experience within related field
Certification in an information assurance field desired.