JCIP Expert HBS Technical Reviewer

Pueo is known for bringing the best talent and unique tools to every opportunity. Pueos Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a business organization that thrives on career development and support of mission and professional growth our Parliament has supported the development of multiple patents proprietary tools and applications as well as trademarked processes.

Our organization emphasizes career development across multiple career environments (at the members own pace) and ensures those who contribute broadly are properly rewarded. Pueo has four career environments where every member of the parliament can participate. Each environment has opportunities available for all levels. Opportunities are framed by an employees desires and capabilities and we ensure challenges growth and unique experiences are available for employees at all levels.

Our Career Environments (Program Functional Service and Leadership) provide numerous opportunities for employees to invest in their personal growth and those things that offer fulfillment. We invest in helping our members create and execute their career development plans. Our Pods (small teams of 5 or less) are comprised of personnel with similar skillsets to ensure mentorship understanding and peer support.

OVERVIEW:

Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive technical assessments and perform detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs) IC Technical Implementation Guides (TIGs) Security Technical Implementation Guides (STIGs) Security Requirement Guides (SRGs) and NIST 800-53 rev 5 security controls.

GENERAL DUTIES:

• Conduct thorough technical assessments and manual audits of host-based security controls across enterprise endpoints servers and workstations within Intelligence Community (IC) environments.
• Analyze system configurations host-based firewalls endpoint detection and response (EDR) tools antivirus/antimalware solutions and application whitelisting to ensure compliance with IC Directives and STIG requirements.
• Evaluate compliance with IC Technical Implementation Guides (TIGs) Security Technical Implementation Guides (STIGs) Security Requirement Guides (SRGs) and applicable NIST 800-53 Rev 5 controls relevant to host-based security.
• Independently perform manual checklist reviews of host security settings and controls; identify vulnerabilities risks and recommend mitigations.
• Engage with system administrators endpoint security teams and leadership to clarify findings provide risk assessments and coordinate remediation efforts.
• Lead and mentor Level 1 IDRs in host-based security tasks and inspections.
• Stay current on emerging host security threats vulnerabilities and mitigation strategies including zero-day exploits advanced persistent threats (APTs) and endpoint hardening techniques.
• Participate in planning execution and reporting phases of inspections with minimal oversight; prepare clear and concise technical reports and presentations.
• Travel as necessary to support onsite inspections at IC facilities. (8-12 weeks of travel avg some international and passport required).

REQUIRED QUALIFICATIONS:

• Possess a masters degree with 8 years of total experience/equivalent certifications. Masters degree may be substituted with a bachelors degree and 5 years of additional experience/equivalent certifications for a total of 13 years.
• Knowledge:
  • Deep understanding of endpoint security technologies including EDR antivirus host-based firewalls application whitelisting and system hardening best practices.
  • Familiarity with common host OS platforms (Windows UNIX/Linux) and their security architectures.
  • Proficient in interpreting and applying STIGs SRGs and NIST 800-53/800-171 controls related to host security.
  • Awareness of host-based attack vectors such as privilege escalation malware persistence and lateral movement techniques.
• Skills:
  • Strong analytical skills to assess host configurations detect security gaps and evaluate risks.
  • Excellent communication skills for briefing technical and leadership audiences on findings and recommendations.
  • Ability to lead inspections and mentor junior personnel.
  • Capable of working both independently and collaboratively within multidisciplinary teams.

• Abilities:
  • Lead host-based security inspection initiatives including risk analysis and reporting.
  • Translate technical findings into actionable security controls and risk mitigation strategies.
  • Adapt to evolving cybersecurity threats and emerging technologies in endpoint security.
  • Efficiently manage time and tasks during inspection cycles.

• Certifications:
  • Obtain an IAT-III or Maintain IAT Level III Certification in compliance with DoD 8570.01-M and DoD Directive 8140 Cyberspace Workforce Management.
  • CASP CE
  • CCNP Security
  • CISA
  • CISSP (or Associate)
  • GCED
  • GCIH
  • CCSP

CLEARANCE:

• Top Secret minimum

Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race color religion sex national origin disability age sexual orientation gender identity genetic information or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities women protected veterans and individuals with disabilities.