Cyber Security Engineer - Senior

About The Position

Requirements

• 8+ years or more of Cyber Security Engineer or related experience
• 5+ years or more of experience in the role of Information Systems Security Manager (ISSM), Information Systems Security Officer (ISSO), or Information Systems Security Engineer (ISSE) or similar positions
• Experience with authoring A&A documentation and system authorization artifacts for SAP and SCI systems
• Knowledge of federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST) and JSIG)
• Excellent oral and written communication skills
• Ability to work well independently or as a team member
• Bachelor of Science degree in computer science, cybersecurity, software engineering, data science, software development or STEM related specialty
• DoD 8140.3 Advanced Certified
• Top Secret, SCI eligible (Must be a U.S. Citizen)
• SAP eligibility (Counterintelligence Polygraph may be required)

Nice To Haves

• Experience assessing SAP and SCI ISs
• 5 years or more experience as a Security Control Assessor Representative (SCAR) or Security Control Assessor (SCA)

Responsibilities

• Working knowledge of all Risk Management Framework (RMF), doctrine to include all guides, directives, manuals within the DoD, especially DoD Instructions 8500.01 and 8510.01 and all the supporting doctrine (e.g. NIST Special Publications 800-18, 800-30, 800-37, 800-47, 800-53, 800-53A, 800-60, 800-115, 800-128, 800-137, 800-160, and 800-161. In addition, issuances from the Committee of national Security Systems like CNSSP-11, CNSSI-4009, and CNSSI-1253.)
• Mastery knowledge of the Joint Special Access Program (SAP) Implementation Guide (JSIG) and how it is applied within the SAP community
• Providing expert support, research and analysis of exceptionally complex problems, and processes relating to them
• Serving as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation, and alternatives to complex problems
• Thinking independently and demonstrating exceptional written and oral communications skills
• Application of advanced technical principles, theories, and concepts
• Contributing to development of new principles, concepts, and methodologies
• Work on unusually complex technical problems and providing highly innovative and ingenious solutions
• Assists in the development of software tool requirements and selection criteria to include development of product specific STIGs from applicable DISA SRGs
• Leading teams of technical and project managers in implementation of predetermined long-range goals and objectives
• Supporting customer and SAP community IA working groups, participate in SSE IPT reviews
• Advising the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on how to implement effective cyber security posture within their respective programs, organization, and/or agencies
• Evaluating IS threats and vulnerabilities to determine whether additional safeguards are required
• Advising the Government concerning impact levels for Confidentiality, Integrity, and Availability for the information on a system
• Evaluating security assessment documentation and providing written recommendations for Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO)
• Evaluating and assessing authorization boundaries and proposed any changes that could enhance the security posture of the Authorization boundaries
• Mastery knowledge of the various types of protection level implementations and provide guidance on how to achieve that protection level authorization
• Ensuring organizations are addressing and conducting all phases of the system development life cycle (SDLC)
• Ensuring government organizations are implementing and executing cyber security in accordance with the DoD Acquisition strategy
• Evaluating the effectiveness and implementation of Continuous Monitoring Plans
• Assisting with development and maintenance of the Program Protection Plan
• Representing customers in various ISSE related working groups, advisory groups, and advisory council meetings

Benefits

• full range of medical, financial, and other benefits, dependent on the position offered