Cyber Security Engineer
Contract 40 hours weekly, 9+ months
Remote is authorized, Covid 19 Pending
Active Top Secret
Major Duties & Responsibilities: Support all functional disciplines to ensure proper cyber security activities are executed. Support full integration of cyber security into all phases of acquisition, upgrade, and modification programs, including design, development, testing, fielding, operation, sustainment, and DoD Assessment and Authorization (A&A) Risk Management Framework (RMF). Coordinate with COCOM and Area of Responsibility (AOR) Authorizing Officials for authorities related to system fielding. Oversee cyber security processes, procedures, and functions to include reviewing data and assessing compliance and cyber security posture for systems. Provide cyber security A&A support services and assist the government in preparing system cyber security documentation related to operations and A&A. Review cyber security documentation to ensure satisfaction of Security Engineering and Assessment requirements system control identification), to include reviewing implementation and validation plans. Assist with the entry and review of entered information to the Enterprise Information Technology Data Repository (EITDR). Assist with the preparation and review of Federal Information Security Management Act (FISMA) documentation. Assess system compliance and enter in Enterprise Mission Assurance Support Service (eMASS). Collect, review, and generate documentation in support of cross-domain solution approvals (CDSAs) and monitor CDSAs for expiration. Assist the program office in cyber security requirements and solutions, source selection documentation, and task orders in regards to cyber security. Utilize NIST 800 series special publications in the development of new system artifacts to ensure compliance with new RMF requirements and to interpret requirements as necessary to ensure system compliance or provide operational justification when deemed necessary.
Qualifications: 15+ years experience in cyber security or information assurance including at least 5 years in a DoD environment. Bachelor’s degree in a related field. Must be CISSP certified (or hold equivalent certification that meets the DoD 8570 IAT III requirement). Experience with the certification and accreditation (C&A), assessment and authorization (A&A), and Risk Management Framework (RMF). Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems. Knowledge of intrusion prevention and network access control tools/systems. Must have experience with acquisition and sustainment. Understanding of system audit principles and security risk assessment. Must have a solid understanding of network infrastructure and mission assurance. Experience with Quick Reaction Capability is preferred. Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB. Must have solid communications skills and be capable of working with all levels of an organization. Must be willing to travel to CONUS and OCONUS sites when necessary. Must be a US Citizen and hold an active Top Secret clearance.