Job Number: R0107547
Assessment and Authorization Cybersecurity Engineer Administrator, Senior
Help customers overcome their most difficult challenges by integrating secure practices to support Assessment and Authorization (A&A) efforts under the DoD Risk Management Framework (RMF), including Authorization to Operate (ATO) package generation, artifact evaluation, and control validation. Maintain responsibility for requirements generation for all new acquisitions and major system modifications, including defining security aspects of system architectures, determining Security Test and Evaluation (ST&E) requirements and methodologies, and conducting analytical risk management activities related to the development, operation, and maintenance of DoD information systems. Perform security assessment and compliance activities by using assessment tools and procedures and security technical implementation guides (STIGs). Prepare client systems for assessment by running security test procedures (STPs), the security content automation protocol (SCAP)compliance checker (SCC), and assured compliance assessment solution (ACAS) scans. Support the research of emerging technology, requisite security requirements, and emerging threats and develop a way forward to meet organizational goals. Apply expertise in technology, analyze the security implications of systems and applications security, and provide recommendations to decision-makers and engineers. Provide Cybersecurity and consulting throughout the security assessment and compliance life cycle process.
- 5 years of experience with the application of Cybersecurity standards
- Experience with evaluating security vulnerabilities and formulating mitigation strategies for networked and non-networked systems
- Experience with evaluating Cybersecurity compliance of a system against current RMF and DoD Cybersecurity policies
- Knowledge of DoD Security Content Automation Protocol (SCAP) or commercial toolsets that include Nessus, Retina, or Nipper Studio
- Ability to obtain a security clearance
- BA or BS degree
- Experience with the Enterprise Mission Assurance Support Service (eMASS), DoD developing or analyzing security test and evaluation reports
- Experience with the design and deployment of Defensive Cybersecurity Operation (DCO) methodologies or toolsets
- Experience with the design and development of Enterprise Information, Cybersecurity services and virtualized architectures
- TS/SCI clearance
- MA or MS degree
- DoD 8570.01-m IAT Level III, IAM Level II, or IASAE Level I Certification, including CAP, CASP CE, CCNP Security, CISA, CISSP, GCED, or GSLC
- DoD 8570.01-m CSSP Certification, including CEH, CSA+, CISA, CISM, GCIA
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
Apply on company website