Cyber Security Engineer

About The Position

Requirements

• 12+ years experience in cyber security or information assurance including at least 5 years in a DoD environment.
• Bachelor’s degree in a related field. Additional years of experience may be substituted for degree requirements.
• Must be CISSP certified.
• Experience with the certification and accreditation (C&A), assessment and authorization (A&A), and RMF.
• Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems.
• Knowledge of intrusion prevention and network access control tools/systems.
• Must have experience with acquisition and sustainment.
• Understanding of system audit principles and security risk assessment.
• Must have a solid understanding of network infrastructure and mission assurance.
• Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB.
• Must have solid communications skills and be capable of working with all levels of an organization.
• Must be a US Citizen and hold a current Top Secret clearance with SCI Access (TS/SCI).
• Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

Responsibilities

• Ensure the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
• Support the system/application Authorization and Accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF).
• Recommend policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
• Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
• Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations’ visions and goals.
• Conduct systems security evaluations, audits, and reviews.
• Recommend systems security contingency plans and disaster recovery procedures.
• Recommend and implement programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
• Participate in network and systems design to ensure implementation of appropriate systems security policies.
• Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes.
• Assess security events to determine impact and implementing corrective actions.
• Ensure the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.