OSC Edge

Cyber Security Engineer – A&A

OSC Edge

full-time

Posted on:

Location Type: Office

Location: QuanticoVirginiaUnited States

Visit company website

Explore more

AI Apply
Apply

Job Level

SeniorLead

Tech Stack

Cyber SecurityFirewallsLinuxTypeScriptVMware

About the role

  • Responsible for tasks related to Assessment & Authorization (A&A) to ensure assigned DoD, DoN systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications.
  • Participate in risk assessments of information systems to identify vulnerabilities, risks, and cyber protection needs.
  • Develop RMF documentation to include system security plan artifacts which include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, contingency plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other DoD and Navy mandated artifacts that comprise the Security Authorization Package.
  • Serve as an Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.
  • Perform weekly CND vulnerability scans utilizing DoD/DoN mandated practices and software utilities.
  • Conduct assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253 and NIST 800-53.
  • Prepare daily, weekly, and monthly reports detailing task and responsibility status.
  • Support Cybersecurity Test & Evaluation (CT&E) activities of system security engineering and program protection activities.
  • Monitor and execute compliance vulnerability scanning and uploads to the Navy VRAM database.
  • Update and validate policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations.
  • Provide IT Security Incident Response support services and report all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports.
  • Perform system categorization; select, tailor security controls, implement, and test security controls.
  • Attend and lead meetings, work in collaborative a team environment to provide network stability and continuity.

Requirements

  • Must have and maintain a Secret personnel clearance and must be eligible for a TS/SCI
  • High School diploma or equivalent
  • Must be DoD 8570 certified at the IAT-III/ IAM-III level (CASP, CISM, CISSP, CCISO, CISA)
  • Minimum of seven (7) years of hands-on experience in the IT/Engineering field
  • Must have at minimum (2) years experience with DoN, DoD RMF process; must have completed full Navy or DoD RMF accreditation package from start to ATO issuance
  • Must have expert level knowledge of eMASS and experience in the development of Assessment and Authorization plans
  • In depth understanding of computer security, Department of Navy, and DoD cyber security policies
  • Prior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), VRAM, and other DoN, and DoD cybersecurity tools
  • Strong ability to communicate clearly and succinctly in written and oral presentations
  • Prior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement driven
  • Have knowledge in network, physical, systems and application security practices
  • Must be familiar with intrusion detection and prevention measures and practices
  • Must be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, , ACAS, Nessus, and SIEMs
  • Familiarity with DoD, NIST, RMF and FedRAMP processes
  • Excellent written and verbal communication skills
  • Knowledge of ACAS to create and execute scan jobs, reports, and able to troubleshoot non-compliant scans.
  • Knowledge of multiple architectures: Cisco, Linux, Windows, and VMWare
Benefits
  • Medical/ Dental/ Vision
  • Life insurance and AD&D
  • Flexible Spending
  • Accident, Critical Illness and Hospital Indemnity coverage
  • 401(k) and ROTH retirement options and company match
  • Pet Insurance
  • Identify Theft and Fraud Protection coverage

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Assessment & Authorization (A&A)Risk assessmentsRMF documentationCybersecurity control complianceSystem categorizationSecurity controls implementationIncident responseVulnerability managementNetwork securityTelecommunication architecture
Soft skills
CommunicationCollaborationLeadershipProblem-solvingAttention to detailReport writingTeamworkAnalytical thinkingAdaptabilityTime management
Certifications
DoD 8570 IAT-IIIDoD 8570 IAM-IIICASPCISMCISSPCCISOCISA