Systems Engineer

About The Position

Requirements

• Facilitating TEMs with cloud service providers to review cloud service architectures
• Maintaining A&A packages across multiple services/systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253
• Designing, implementing, assessing or reviewing systems utilizing cloud technology with AWS, Oracle Cloud, Google Cloud, or Microsoft Azure
• Utilizing or reviewing cross domain technology and common architecture designs
• Continuous monitoring requirements including scan analysis with tools such as Rapid 7, Nessus, and Qualys
• Creating, monitoring, or closing POA&Ms
• Utilizing compliance tools such as Xacta 360, Risk Vision, RSA Archer
• Common control provider concept within the NIST RMF
• Security control assessments including working with SCAs and preparing security packages
• Information system security engineering activities
• Project management including planning, task tracking, milestone management, and resource coordination
• Developing and maintaining program metrics, performance indicators, and compliance status dashboards
• Preparing technical reports, program highlights, status briefings, and leadership communications
• US Citizenship
• Active U.S. Government Top Secret Security Clearance with a Full Scope Polygraph

Nice To Haves

• Using the Sponsor's or IC element A&A process
• Creating or reviewing A&A body of evidence documentation in a cloud security environment
• Identifying, implementing, or reviewing appropriate information security controls
• Working in Xacta 360
• Experience with Sponsor's A&A tools

Responsibilities

• Facilitating TEMs with cloud service providers to review cloud service architectures
• Maintaining A&A packages across multiple services/systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253
• Designing, implementing, assessing or reviewing systems utilizing cloud technology with AWS, Oracle Cloud, Google Cloud, or Microsoft Azure
• Utilizing or reviewing cross domain technology and common architecture designs
• Continuous monitoring requirements including scan analysis with tools such as Rapid 7, Nessus, and Qualys
• Creating, monitoring, or closing POA&Ms
• Utilizing compliance tools such as Xacta 360, Risk Vision, RSA Archer
• Common control provider concept within the NIST RMF
• Security control assessments including working with SCAs and preparing security packages
• Information system security engineering activities
• Project management including planning, task tracking, milestone management, and resource coordination
• Developing and maintaining program metrics, performance indicators, and compliance status dashboards
• Preparing technical reports, program highlights, status briefings, and leadership communications

Benefits

• 100% employer-paid health coverage
• a 6% 401(k) match
• PTO
• tuition reimbursement
• bonuses
• professional development