Overview
Remote
On Site
Full Time
Skills
DoD
Security clearance
Hardening
Design
Mentorship
Security QA
Computer science
Software engineering
Software architecture
Design patterns
Data integrity
Security controls
Testing
Software development methodology
FOCUS
Threat modeling
Vulnerability assessment
Programming languages
Software development
Cloud security
Communication
Articulate
Oracle database administration
Migration
Cyber security
ISO 9000
Records management
Log analysis
Auditing
Regulatory Compliance
Data
Data retention
Policies
Documentation
Risk assessment
Reporting
CISSP
OCP
Database administration
Oracle
Information systems
CISA
System security
SSCP
GSEC
GPEN
Job Details
Job Description
Job Description
Requirements
This is a remote position.
Title: Cyber Security Policy SME
Location: Remote
Terms: Full-Time/Permanent
Clearance: All qualified candidates must have an active DoD Secret level security clearance
RESPONSIBILITIES:
- Provide expert guidance during the Oracle 19C upgrade, ensuring the implementation of security controls, system hardening, and compliance-driven optimizations.
- Conduct in-depth evaluations of software systems, pinpoint vulnerabilities, and recommend solutions in alignment with strict government security standards.
- Champion security-by-design principles. Design and implement comprehensive logging mechanisms, establish audit trails, and develop technical validation processes to ensure adherence to government recordkeeping and security mandates.
- Mentor teams on secure coding practices, threat modeling, and compliance-driven development. Integrate static/dynamic security testing tools into the development pipeline.
- Proactively identify potential security risks and vulnerabilities. Prepare comprehensive reports detailing security posture, compliance gaps, and prioritized mitigation strategies.
- Work closely with government stakeholders to understand security requirements, interpret directives, and ensure projects meet contractual compliance obligations.
Requirements
BASIC QUALIFICATIONS:
- A bachelor's degree in computer science, Cybersecurity, Software Engineering, or a closely related technical field OR Extensive, directly relevant experience in secure software engineering and compliance may be considered in lieu of a degree.
- Deep expertise in secure software architecture, design patterns, and defensive coding techniques to safeguard systems from the ground up.
- In-depth understanding of data integrity principles, logging best practices, and rigorous auditing standards as they relate to government record-keeping requirements.
- In-depth knowledge of cybersecurity frameworks (NIST, ISO, etc.), risk assessment methodologies, and federal compliance standards.
- Proven track record in designing and implementing robust security solutions within government-mandated compliance frameworks.
- Extensive experience in integrating security controls and testing throughout the SDLC, with a focus on threat modeling, vulnerability analysis, and secure code reviews.
- Mastery of multiple programming languages, secure coding principles, cybersecurity tools, and cloud security (desirable).
- Exceptional written and verbal communication. Ability to translate technical security requirements into actionable plans for development teams and clearly articulate risks to non-technical stakeholders.
PREFERERED QUALIFICATIONS:
- Experience with Oracle database administration, specifically upgrades or migrations.
- In-depth knowledge of cybersecurity frameworks (NIST, ISO, etc.), risk assessment methodologies, and federal compliance standards.
- Experience conducting comprehensive security evaluations and vulnerability assessments.
- Expertise in records management principles, log analysis, and auditing best practices.
- Understanding of government recordkeeping requirements and compliance frameworks.
- Strong understanding of log data formats, event correlation, and data retention policies.
- Proficiency in developing technical standards and documentation.
- Comprehensive understanding of security risk assessment methodologies and reporting frameworks.
- Certified Information Systems Security Professional (CISSP)
- Oracle Certified Professional (OCP) Database Administration
- Oracle Database Security Specialist
- Certified Information Systems Auditor (CISA)
- Systems Security Certified Practitioner (SSCP)
- OR a relevant GIAC certification (GSEC, GPEN, etc.)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.