Serco

Senior Cybersecurity Engineer

Serco

full-time

Posted on:

Location: Washington • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $119,575 - $199,291 per year

Job Level

Senior

Tech Stack

AssemblyCyber SecurityGo

About the role

  • Perform activities required within DoD Instruction 8510.01 DoD Risk Management Framework (RMF) to obtain Authorization to Operate (ATO) with Conditions or ATO prior to fielding TEAM SUB systems.
  • Develop RMF accreditation packages including System Authorization Boundary, Hardware/Software/Firmware list, Dataflow Diagram, Security Plan, POA&M, System Categorization, RMF Scorecard, SLCM Strategy, RAR, SAP, and SAR.
  • Identify security controls, work with system owners to implement and test controls, prepare required artifacts, and complete RMF actions on schedule.
  • Provide subject matter expertise regarding RMF package development and RMF process for a portfolio of approximately 200 systems.
  • Serve as Navy RMF Validator or Navy Qualified Validator (NQV) and independently validate cybersecurity artifacts uploaded to DoN eMASS.
  • Organize and assist with updating and coordinating records in the TEAM SUB Enterprise Cybersecurity portfolio across BMA, DIMA, EIEMA, and WMA ashore and afloat systems.
  • Validate accuracy of DON cybersecurity information systems (eMASS, PBIS, DITPR-DON, VRAM, DADMS, ERS Cybersecurity Scorecard on SIPR) and provide status to TEAM SUB staff.
  • Respond to data calls from DoD, DON, and NAVSEA organizations and review DITPR-DON and DADMS records for FISMA compliance.
  • Participate in TEAM SUB Enterprise/DON annual cybersecurity reviews, liaise with DON and NETWARCOM, coordinate reviews, and coach personnel to ensure compliance with DoDI 8500.01 and DoDI 5000.02.
  • Assist in investigation of inadvertent electronic spillages of classified information; draft and submit reports and coordinate investigations with NAVSEA, NCIS, DSS, and other authorities.
  • Initiate and coordinate remediation actions, track to closure, and educate personnel via training, Team Talks, and reminders to prevent future spillages.
  • Provide direct expertise to integrate cybersecurity into system lifecycles of TEAM SUB acquisition and life-cycle maintenance platform programs.

Requirements

  • An active or current DoD Secret clearance.
  • US Citizenship.
  • Bachelor's of Science Degree in computer science, management information systems, or related fields.
  • An Associate's Degree and 2 years of additional experience will be considered in lieu of Bachelor's Degree or a High School Diploma/GED and 4 years of additional experience will be considered in lieu of Bachelor's Degree.
  • 8 years of experience with RDT&E and Business IT systems and the phases of Certification and Accreditation (C&A) process or similar/related experience.
  • Submarine engineering experience or similar/related experience.
  • Experience working in a multi-disciplinary team consisting of systems engineers, electrical and electronics engineers, acquisition professionals, and logistics and sustainment professionals.
  • Qualification as a Navy Qualified Validator (NQV) or Information Security System Manager (ISSM) as defined by DoD Instruction 8510.01 - Risk Management Framework (RMF) for DoD Information Technology (IT).
  • Excellent project management skills with the ability to lead cross-functional teams effectively.
  • Ability to facilitate and coordinate efforts with key government and non-government stakeholders.
  • Ability to work with minimal supervision.
  • Strong quantitative, analytical and conceptual thinking skills.
  • Ability to work well within a time sensitive environment.
  • Ability to learn and grow individually, while mentoring junior team members effectively.
  • Ability to be flexible both in relation to job-specification and schedules.
  • Ability to solve problems and interact with senior management on complex technical issues.
  • Ability to work both in a team environment and independently under short, multiple deadlines.
  • Ability to travel up to 10% of the time; some travel outside the DC area may be required.
  • Additional desired: 10 years of experience in an Information Assurance (IA) or C&A related field.
  • Familiarity with and understanding of Navy IT sites, systems, and infrastructure.
  • Experience working with Navy C&A efforts as a Navy Validator.
  • Demonstrated oral and written communication skills.
  • Experience working in DoD or DoN environments is preferred.
  • Experience supporting a submarine acquisition program.
  • Active NNPI account and CAC.
  • 5 years of experience with Navy acquisition and Submarine Programs (desired).
  • Active-Duty Experience in the submarine service (desired).
  • Recent experience in Team Submarine (desired).
  • Knowledge of naval ships/submarines, ship systems, or subsystems.