Cyber Security Policy SME

This is a remote position.

• Provide expert guidance during the Oracle 19C upgrade ensuring the implementation of security controls system hardening and compliancedriven optimizations.
  
• Conduct indepth evaluations of software systems pinpoint vulnerabilities and recommend solutions in alignment with strict government security standards.
  
• Champion securitybydesign principles. Design and implement comprehensive logging mechanisms establish audit trails and develop technical validation processes to ensure adherence to government recordkeeping and security mandates.
  
• Mentor teams on secure coding practices threat modeling and compliancedriven development. Integrate static/dynamic security testing tools into the development pipeline.
  
• Proactively identify potential security risks and vulnerabilities. Prepare comprehensive reports detailing security posture compliance gaps and prioritized mitigation strategies.
  
• Work closely with government stakeholders to understand security requirements interpret directives and ensure projects meet contractual compliance obligations.
  

Requirements

BASIC QUALIFICATIONS:

• A bachelors degree in computer science Cybersecurity Software Engineering or a closely related technical field OR Extensive directly relevant experience in secure software engineering and compliance may be considered in lieu of a degree.
  
• Deep expertise in secure software architecture design patterns and defensive coding techniques to safeguard systems from the ground up.
  
• Indepth understanding of data integrity principles logging best practices and rigorous auditing standards as they relate to government recordkeeping requirements.
  
• Indepth knowledge of cybersecurity frameworks (NIST ISO etc.) risk assessment methodologies and federal compliance standards.
  
• Proven track record in designing and implementing robust security solutions within governmentmandated compliance frameworks.
  
• Extensive experience in integrating security controls and testing throughout the SDLC with a focus on threat modeling vulnerability analysis and secure code reviews.
  
• Mastery of multiple programming languages secure coding principles cybersecurity tools and cloud security (desirable).
  
• Exceptional written and verbal communication. Ability to translate technical security requirements into actionable plans for development teams and clearly articulate risks to nontechnical stakeholders.
  

PREFERERED QUALIFICATIONS:

• Experience with Oracle database administration specifically upgrades or migrations.
  
• Indepth knowledge of cybersecurity frameworks (NIST ISO etc.) risk assessment methodologies and federal compliance standards.
  
• Experience conducting comprehensive security evaluations and vulnerability assessments.
  
• Expertise in records management principles log analysis and auditing best practices.
  
• Understanding of government recordkeeping requirements and compliance frameworks.
  
• Strong understanding of log data formats event correlation and data retention policies.
  
• Proficiency in developing technical standards and documentation.
  
• Comprehensive understanding of security risk assessment methodologies and reporting frameworks.
  
• Certified Information Systems Security Professional (CISSP)
  
• Oracle Certified Professional (OCP) Database Administration
  
• Oracle Database Security Specialist
  
• Certified Information Systems Auditor (CISA)
  
• Systems Security Certified Practitioner (SSCP)
  
• OR a relevant GIAC certification (GSEC GPEN etc.)