System Security Engineer (5168)

About The Position

Requirements

• Clearance Required: Secret
• US Citizenship is required for work on DoD contract
• Technical or Scientific BS or BA degree from an accredited college or university
• Minimum of seven (7) years of cyber-related experience, preferably in a DoD environment

Nice To Haves

• Program office experience highly desired
• Aviation engineering experience highly desired

Responsibilities

• Provide support to PMA-268 Cyber Leads in execution of the PMA-268 Cybersecurity Program.
• Provide support in drafting and reviewing Program Documentation, Policies and Plans.
• Coordinate with PMA-268 Cyber Leads when changes occur that might affect system’s security posture, cybersecurity authorization(s) and/or certifications.
• Lead product specific System Security Engineering activities for all systems within scope of IPT.
• Provide oversight of all IPT cybersecurity activities.
• Review system documentation to obtain and sustain Subject Matter Expert (SME) level knowledge of the system architecture, functionality and capabilities.
• Work closely with the IPT Class Desk and IPT Leadership to ensure early engagement when cybersecurity items may impact the program cost, schedule, or performance.
• Develop and maintain a cyber schedule to include a detailed Work Breakdown Schedule (WBS) for significant efforts.
• Provide input for SOWs, DIDs, and CDRLs for IPT contract activities.
• Identify, define and document system security requirements for incorporation of product specifications.
• Conduct derivation and traceability of cyber requirements.
• Track execution and performance of security measures to protect information and network infrastructure and computer systems.
• Conduct critical function analysis.
• Identify Mission Essential Functions (MEF).
• Lead Critical Program Information (CPI) assessments.
• Understand vulnerabilities and attack vectors that can impact the cyber posture of the systems/environment.
• Identify and recommend security solutions to PMA-268 Cyber Leads.
• Perform SSE duties in support of Cyber Survivability Risk Assessments (CSRA) and CYBERSAFE to include leading execution of collaborative development of artifacts and data (Objective Quality Evidence, Mission Critical Function/Component Traceability).
• Lead DFIA implementation efforts through definition of enclaves and enclave boundary protection requirements.
• Lead system security certification and registration activities (e.g. CSfC, CDS, Cryptographic Modules).
• Lead IPT cybersecurity activities.
• Initiate, communicate and coordinate with stakeholders and SMEs to address actions and RFIs required for IPT cybersecurity activities in a timely manner (no actions/RFIs to be stagnant for longer than 2 weeks).
• Lead IPT SSE Working Group (SSEWG) to coordinate with Contractors/Organizations supporting IPT cybersecurity efforts.
• Maintain awareness of authorization of Systems/Subsystems.
• Review all IPT cybersecurity CDRLs.
• Actively participate as a stakeholder in change management processes to ensure cybersecurity posture is not impacted due to a change.
• Coordinate Risk Management (Opportunities, Issues, Risks) activities with Risk Managers (Cyber, PMA, Product) to document, socialize and work mitigation steps.
• Assist IPT ISSO with defining Information Types, approval of CIA, review of POA&M, and review of hardware/software lists.
• Login to Microsoft Teams at the beginning of each day and have a headset to participate in Teams meetings.
• Be in person at the PMA-268 Program Office every Tuesday, Wednesday and Thursday unless pre-coordinated with PMA-268 Cyber Leads. Core office hours 0830-1430.
• Attend additional days in the office if there is work that requires in person/office presence to complete outside of the designated office days.
• Provide updates to Cyber Status Slide (weekly), Microsoft Planner Task Status (weekly), Task Tracker (weekly), and Cyber Schedule (biweekly).
• Ensure no actions are stagnant for longer than 2 weeks.
• Provide meeting summary notes for meetings attended to the PMA-268 cyber team for awareness.

Benefits

• health insurance
• paid leave
• retirement