Cyber Security Policy SME

Calibrate North Llc. - Antrim, NH

posted 13 days ago

Full-time - Mid Level
Remote - Antrim, NH

About the position

The Cyber Security Policy Subject Matter Expert (SME) will provide expert guidance on security measures during the Oracle 19C upgrade, ensuring compliance with government security standards. This role involves evaluating software systems for vulnerabilities, mentoring teams on secure coding practices, and developing comprehensive security solutions within government-mandated compliance frameworks. The position requires a strong understanding of cybersecurity principles and the ability to communicate technical requirements effectively to both technical and non-technical stakeholders.

Responsibilities

  • Provide expert guidance during the Oracle 19C upgrade, ensuring the implementation of security controls, system hardening, and compliance-driven optimizations.
  • Conduct in-depth evaluations of software systems, pinpoint vulnerabilities, and recommend solutions in alignment with government security standards.
  • Champion security-by-design principles and design comprehensive logging mechanisms, establish audit trails, and develop technical validation processes.
  • Mentor teams on secure coding practices, threat modeling, and compliance-driven development, integrating security testing tools into the development pipeline.
  • Proactively identify potential security risks and vulnerabilities, preparing comprehensive reports detailing security posture, compliance gaps, and prioritized mitigation strategies.
  • Work closely with government stakeholders to understand security requirements, interpret directives, and ensure projects meet contractual compliance obligations.

Requirements

  • A bachelor's degree in computer science, Cybersecurity, Software Engineering, or a closely related technical field, or extensive relevant experience in secure software engineering may be considered in lieu of a degree.
  • Deep expertise in secure software architecture, design patterns, and defensive coding techniques.
  • In-depth understanding of data integrity principles, logging best practices, and rigorous auditing standards related to government record-keeping requirements.
  • In-depth knowledge of cybersecurity frameworks (NIST, ISO, etc.), risk assessment methodologies, and federal compliance standards.
  • Proven track record in designing and implementing robust security solutions within government-mandated compliance frameworks.
  • Extensive experience in integrating security controls and testing throughout the SDLC, focusing on threat modeling, vulnerability analysis, and secure code reviews.
  • Mastery of multiple programming languages, secure coding principles, cybersecurity tools, and cloud security (desirable).
  • Exceptional written and verbal communication skills, with the ability to translate technical security requirements into actionable plans.

Nice-to-haves

  • Experience with Oracle database administration, specifically upgrades or migrations.
  • Expertise in records management principles, log analysis, and auditing best practices.
  • Strong understanding of log data formats, event correlation, and data retention policies.
  • Proficiency in developing technical standards and documentation.
  • Comprehensive understanding of security risk assessment methodologies and reporting frameworks.
  • Certified Information Systems Security Professional (CISSP) certification.
  • Oracle Certified Professional (OCP) Database Administration certification.
  • Oracle Database Security Specialist certification.
  • Certified Information Systems Auditor (CISA) certification.
  • Systems Security Certified Practitioner (SSCP) certification.
  • Relevant GIAC certification (GSEC, GPEN, etc.).

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service