Designated Coordinating Authority (DCA)

The Designated Coordination Authority role supports the Vulnerability Disclosure Program (VDP) - Defense Industrial Base (DIB-VDP) within the Defense Cyber Crime Center (DC3) and is responsible for acting as a Point-of-Contact (POC) and intra-agency liaison for the DIB-VDP Program. The DCA will also provide client support to the DIB cleared and uncleared companies by managing customer relationships by ensuring deliverable expectations are exceeded. On a daily basis, the DCA will be responsible for attending various leadership and stakeholder meetings, deploying and managing workflows, deadlines, and metrics via JIRA, developing presentations and Standard Operating Procedures (SOP), and meeting deliverable suspense dates for the customer.

Other responsibilities include:

Coordinate with all required PoCs for tasks such as JIRA development needs, to include developing required inter-agency and company level permissions for JIRA (software) dashboards and workflows, and inter-agency JIRA training.
• Create technical requirements and collaborate on backend software configurations for JIRA. This includes collaborating with test and development teams to test engineering design and resolve any complications.
• Assist with the coordination of public advertising requirements, such as where is appropriate to advertise, how advertising will be handled, preventing any unfiltered public announcements, coordinate with fellow directorates to confirm all are in one accord.
• Provide needed metrics, DIB-VDP metrics (such as reports, participants, assets, and sponsors), and hold ongoing meetings with direct clients.
• Consults and advises government leadership on strategic future planning, assessed risks and mitigations, program process improvement initiatives.
• Coordinate DIB Onboarding Summit and facilitate gaining company participation.
• Meet/respond to all potential participants to assist with all questions related to documentation, account creations, welcome letters, and urgent asset vulnerabilities (as directed by government client). This includes coordinating with prospective teams to provide accurate and appropriate assistance. Facilitates government to company discussions as needed.
• Gather all required onboarding documents for DIB company participants.
• Approve participant accounts and coordinate the accounts with the associated company.
• Create company accounts in VRMN along with aligning proper security features.
• Update Confluence with each step performed, test/confirm all assets per required by government clients. Speak to potential participants about any asset related concerns.
• Ingest vulnerabilities through VRMN by confirming the proper company has been alerted of the proper asset containing the vulnerability while moving the asset to next stage of the workflow. Answer vulnerability questions within VRMN wherever appropriate.
• Train workflow and operational processes to DIB-VDP Cyber Security Triage Analysts, DC3 Directorate cohorts, oversight teams, and participants.
• Updating website and documents as needed from other DC3 Directorates

Required:

• Demonstrated experience and understanding of project management methodologies and tools
• Strong understanding of information security principles, technologies, and practices
• Knowledge of web penetration methodology and application
• Familiarity with common web penetration testing tools such as BurpSuite, Nmap, Kali Linux
• Experience operating in a professional IT or cybersecurity environment
• Ability to professionally communicate with internal and external customers
• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD; Additional 4 years of experience can be considered in lieu of a degree
• Active Secret security clearance required

Preferred Additional Skills:

• Project Management Institute (PMI) Project Manager Professional (PMP) certification
• Experience with JIRA and Confluence
• Security+, CEH, CySA+, PenTest+ or similar certification a plus
• Experience with cloud infrastructure (i.e. Amazon Web Services, Microsoft Azure)
• Familiarity with system security, Security Technical Implementation Guide (STIG)

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.