Cyber Security Engineer - Quantico, United States - OSC Edge

    OSC Edge
    OSC Edge Quantico, United States

    4 weeks ago

    Default job background
    Description
    Cyber Security Engineer (A&A) with DoN/DoD experience

    Location:
    Quantico, VA (Onsite five days a week)


    The Cyber Security Engineer will be responsible for tasks related to Assessment & Authorization (A&A) to ensure assigned DoD, DoN systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications.

    In this role, the Cyber Security Engineer will conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs.

    Additionally, the individual will serve as an Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.


    Responsibilities:

    • Develops RMF accreditation artifact documentation to include Risk Assessment Report (RAR), Information Security Continuous Monitoring (ISCM) Strategy, Security Authorization Package, engineering documentation, network drawings, and related documentation as required by DoD and DoN accreditation standards
    Develops, maintains, and monitors the necessary artifacts for A&A package submission to receive ATC, ATT, and ATO certifications.
    Performs monthly CND vulnerability scans utilizing DoD/DoN mandated practices and software utilities.
    Conducts FISMA assessments of cybersecurity control compliance in accordance with DoDI , DoDI , CNSSI 1253 and the Cybersecurity Strategy

    • Prepare daily, weekly, and monthly reports detailing task and responsibility status
    • Develops, reviews, and maintains RMF artifacts for RMF compliance.

    Supports Cybersecurity Test & Evaluation (CT&E) or Developmental Test & Evaluation (DT&E) activities of system security engineering and program protection activities.


    • Drafts authorization artifacts in accordance with customer requirements.
    • Monitors and executes compliance as defined by VRAM for the DoN.
    Updates and validates policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations
    Provides IT Security Incident Response support services and report all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports

    • Performs system categorization; select, tailor security controls, implement, and test security controls
    Attends and leads meetings, works in collaborative a team environment to provide network stability and continuity
    Performs other tasks as required by OSC and the Government contracting office.


    Required Qualifications/Education and Experience:
    Must have and maintain a Secret personnel clearance and must be eligible for a TS/SCI
    High School diploma or equivalent
    Must be DoD 8570 certified at the IAT-II/ IAM-II level
    Minimum of seven (7) years of hands-on experience in the IT/Engineering field
    Must have at minimum (2) years' experience with DoN, DoD RMF process; must have completed full Navy or DoD RMF accreditation package from start to ATO
    Must have strong working experience with eMASS and experience in the development of Assessment and Authorization plans
    In depth understanding of computer security, Department of Navy, and DoD cyber security policies
    Prior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), other DoN, and DoD cybersecurity tools
    Strong ability to communicate clearly and succinctly in written and oral presentations
    Prior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement driven
    Have knowledge in network, physical, systems and application security practices
    Must be familiar with intrusion detection and prevention measures and practices
    Must be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, HBSS, ACAS, Nessus, ARCSIGHT and SIEMs
    Familiarity with DoD, NIST, RMF and FedRAMP processes
    Excellent written and verbal communication skills
    Experience running ACAS scans

    Knowledge of multiple architectures:
    Cisco, Linux, Windows, and VMWare


    Preferred Qualifications:
    Bachelor's degree (preferably in Information Technology, Information Management, or Cyber Security)
    Certified Information Systems Security Professional (CISSP) certification
    Meet or exceed OPNAVINST 5239 requirements to be certified as Intermediate Qualified Level Navy Validator

    Equal Employment Opportunity/M/F/disability/protected veteran status

    FULL Benefits - Medical /Vision/ Dental/401k/PTO/11 Paid Federal Holidays and More

    #LI-DNI

    #J-18808-Ljbffr