Cyber/Info Assurance Engineer

Aurora, CO

Job ID: 132550 Industry: Gov InfoSoft
 
 

ISSE/ Info Assurance/Engineer

CANDIDATE MUST HOLD A TS-SCI

Background:

This program is transitioning to O&M and switching environments between development environments.  This  Cyber security Systems Engineer will apply system security engineering principles to provide realistic solutions designed to enhance the security posture. Identify threats and develop appropriate protection measures, review system changes for security implications and recommend improvements, research and draft Cybersecurity white papers, and provide top tier support to the Cybersecurity operations staff for resolving complex Cyber security issues. The Cybersecurity Systems Engineer will apply extensive technical expertise, and is able to communicate effectively and clearly present technical approaches and findings. They will develop technical solutions to complex problems which require the regular use of ingenuity and creativity. Additionally they will exercise  considerable latitude in determining technical objectives of assignment. Completed work is reviewed from a relatively long- term perspective, for desired results.

Day to Day:

The Cybersecurity Systems Engineer will develop and maintain a system-level Plan of Actions and Milestones (POA&M). Successful candidate will be able to evaluate different network and enclave configurations with respect to the DODI 8510.01 and NIST 800-53 Security Controls and formulate effective Risk Management Framework (RMF) processes & accreditation packages. Also they will have experience with ICD 503 Compliance and Hardening. They will  write RMF-based policies and procedures, and develop sound Cybersecurity processes to include implementation. Successful candidate will be accountable for quality work products. Must be able to prioritize and execute tasks and enjoy working in a collaborative team environment, prepare coherent and concise documentation required for security assessment and authorization.

Job responsibilities may include the following:

•  Develop sound Cybersecurity processes to include implementation of RMF-based policies and procedures.

•  Conduct assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy.

•  Execute vulnerability assessments; ensure mitigation of risks and support obtaining certification and accreditation of systems.

•  Support the formal security assessment process required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.

•  Document the results of RMF activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.

•  Conduct technical planning, system integration, verification and validation, cost and risk, and supportability and effectiveness analyses for total systems.

•  Perform analyses at all levels of total system product to include: concept, design, fabrication, test, installation, operation, maintenance and disposal.

•  Ensure the logical and systematic conversion of customer or product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints. Perform functional analysis, timeline analysis, detail trade studies, requirements allocation and interface definition studies to translate customer requirements into hardware and software specifications.

 

Required Skills:
  • Working with a variety of built-in and third-party Linux security tools and solutions
  • Designing Linux security solutions
  • ICD 503 compliance experience
  • hardening questions
  • identifying vulnerabilities
  • NIST experience
  • Determine how security and build scripts were put together and modify them

  • 1. RMF (RISK MANAGEMENT FRAMEWORK EXPERIENCE)

    2. ICD 503 experience

    Process improvement 

    RMF is not as important a skill for this position.  More of a nice to have.  The team  really needs someone, probably with more of a developer background, but IT background may be also be OK:

    3. Hardening questions

    4. Scan run expereince

must have security plus PREFERRED CISSP 

Desired Skills:

aws

cissp

Customer experience at least once in their career

Bachelor’ s degree

6-9 years of relevant experience
 

Job Type: Full Time  

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs: