Cyber Security Engineer
About The Position
This role provides guidance and assistance to all levels of Assessment and Authorization (A&A) technical and non-technical personnel. The position involves preparing and submitting A&A packages to the proper agency, tracking and reporting status to the customer, and documenting existing and proposed information architecture to convey compliance, problems, and solutions. Responsibilities also include resolving incidents and breaches, mitigating problems, informing key personnel, analyzing Special Access Program networks to identify vulnerabilities and reduce breaches, and developing and implementing scanning and certification plans for network control and maintenance. The role will assist the Government in performing threat assessments to determine potential threats to a system/network and their likelihood of occurrence, and ensure that IA and IA-enabled software, hardware, and firmware comply with appropriate security configuration guidelines. Additionally, the position supports the execution of all security tests and evaluations and the creation of comprehensive threat and risk assessment reports.
Requirements
- 10 + years of experience in information system security development and management.
- High School Diploma.
- 8570 certification and/or IAT II certification required (Sec+ CE).
- TOP SECRET/SCI SECURITY CLEARANCE
Responsibilities
- Oversee the overall security, integrity and operations of organizational Special Access Program networks IAW DoDD 5205.07, DODI 5205.11, DoDM 5207.07 Vol I-IV, DoDJSIG, CNSSP 22, CNSSI 1253, ICD 503, AFI 17-101, AFI 17-130, AFI 17-203, AFMAN 17-1301, AFMAN 17-1302-O, AFMAN 17-1402, AFI 31-501, other Special Access Program and local policies and procedures.
- Collect and maintain data needed to meet cybersecurity reporting requirements.
- Ensure Security Technical Implementation Guide (STIG) configuration, patching, scanning and testing of systems.
- Develop/find technical solutions and work plans that are consistent with architectural and information system security guidelines.
- Support the Government in the development of SAP assessment and authorization (A&A) packages via the Risk Management Framework (RMF), IAW DoDJSIG, DoDD 8500.1, DoDI 8500.2, DoDI 8510.01, ICD 502, ICD 503, NIST SP 800-53, and AFPD 33-2, AFI 17-101 and supports organizational customers/users with their specific network and stand-alone system accreditations to include maintaining and updating Trusted Facility Manuals, system descriptions, security policies, user guides, system architectures and security-related documentation.
- Prepare and present training tailored for initial and periodic organizational Special Access Program network Information Assurance (IA) Training, System Administrator Technical Awareness, and executive level IA training.
- Provide information to support System Administrators, Network Managers, users, procurement staff and security personnel and monitor, implement and report on all security/configuration patches/changes (i.e., NOTAM, IAVA and security/vulnerability advisories) for the organizational Special Access Program network.
- Perform a weekly review of the audit trail for organizational Special Access Program networks IAW DoDJSIG, ICS 500-27, and ICS 700-02.
- Conduct vulnerability testing and risk analysis as part of the organizational Special Access Program networks and systems.
- Experience with ACAS, SCAP, XACTA and eMASS.
Benefits
- Medical
- dental
- vision
- life insurance
- short-term disability
- long-term disability
- 401(k) match
- flexible spending accounts
- EAP
- parental leave
- paid time off
- holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
High school or GED
