Cybersecurity Engineer

About The Position

Requirements

• Citizenship: Must be a US citizen
• Clearance: Must have and be active Top Secret level clearance, with the ability to obtain SCI
• Certifications: IAT Level II (Security+ CE or other)
• Education: High School Diploma
• Years of Experience: Twenty (20) or more years relevant experience, eight (8) of which must be within the DoD to include:
• Knowledge of and experience adhering to NIST 800-53 requirements
• Experience advising and executing Risk Management Frameworks
• Experience with Program Protection Plans
• Experience with Anti-Tamper plans

Nice To Haves

• Certifications: IAT Level III (CISSP or other )
• Education: Bachelor's Degree
• Years of Experience: Fifteen (15) or more years of relevant experience, five (5) of which must be within be in DoD ; OR, Master's degree with twelve (12) or more years of relevant experience, five (5) of which must be within the DoD

Responsibilities

• Provide expert weapons system cybersecurity guidance and recommendations to acquisition authorities and Authorizing Official (AO) to develop secure, resilient systems.
• Translate and provide comprehensive NIST 800-53 requirements to ensure Systems Security Engineering (SSE) and solutions are incorporated into an integrated program protection scheme.
• Provide subject matter expertise to execute Risk Management Framework (RMF) to support Assessment & Authorization (A&A) of assigned systems including generating required artifacts (Interim Authority to Test [IATT], Authority to Connect [ATC], and Authority to Operate [ATO]).
• Execute risk reduction-based policies and procedures, and develop system specific comprehensive cybersecurity processes to include implementation of continuous monitoring.
• Document system architectures to support the cyber analysis, identification, selection, and tailoring of security and privacy controls necessary to protect the system.
• Provide expert level evaluation of designs and proposed implementation solutions to defend weapon systems and critical networks against malicious and non-malicious exploitation.
• Evaluate threat data and develop residual risk recommendations and mitigations to senior DoD and AF leadership based on identification and analysis of weapons vulnerabilities.
• Review and analyze interoperability requirements and shall review, develop and evaluate resultant specifications and internal and external Interface Control Documents (ICDs).
• Review and propose technical recommendations regarding critical technologies requiring Program Protection Plans (PPP), Anti-tamper (AT) plans, cyber findings, vulnerabilities, and risks.
• Ensure contractual documentation (such as Statements of Work and contract deliverable lists) incorporate cybersecurity requirements and conduct technical evaluations on vendors' proposals to ensure that cybersecurity requirements are properly addressed.
• Provide expert identification, documentation, and assessment of threats, cyber findings, vulnerabilities, attack scenarios, impacts if exploited, and likely timelines for exploitation.
• Provide stakeholders with on-time deliverables, RMF artifacts, cyber impact assessments, and approaches to meet growing ISR & SOF requirements.