The Senior Cyber Security Engineer will provide Security Engineering and Security Control Assessor-Validator (SCA-V) support services to various military units. This support includes Risk Management Framework (RMF) validation testing (also referred to under the RMF as “assessment”) support to the Security Control Assessor (SCA). This includes supporting the Government in conducting validation preparation activities such as onsite staff assistance visits (SAVs) and other validation activities, and generating RMF scorecards. You will also provide annual assessments for installations in accordance with Federal Information Security Modernization Act (FISMA) standards and requirements.
Preferred Education and Experience:
- CISSP and CCSP preferred
- Army-approved Network Operating Systems such as Microsoft Server Active Directory, Windows Server 2008, Windows Server 2012.
- Army-approved Client Operating Systems such as Microsoft Windows 7, Windows 10 and non-Microsoft Client Operating Systems, and their use in a Microsoft Active Directory Environment
- Army-approved patching utilities such as Microsoft System Center Configuration Manager (SCCM)/Microsoft Windows Server Update Services (WSUS), or any other DoD patching tools that will be used to implement Security Remediation Compliance.
- Army-approved network and boundary defense mechanisms such as routers, switches, firewalls and intrusion detection/intrusion prevention systems such as those made by Cisco, Juniper, or other network and boundary defense equipment and software vendors
- We offer competitive benefit plans for medical, dental and vision.
- Paid Time Off Accrued.
- Educational Assistant Program.
- Supplemental Insurance.
- Short Term / Long Term Disability Insurance.
- Paid Vacation, Holiday and Sick Leave.
- Retirement Plan with Employer Contribution match.
Assesses DoD Information Systems against the RMF security controls and Department of Defense Instructions 8500.01 and 8510.01, NIST SP 800-37, 800-53, and 800-53A, Army Regulation 25-1 and 25‐2, US Army Best Business Practices (BBPs) and applicable NETCOM Tactics, Techniques & Procedures (TTPs).
Effectively performs interviews of technical Subject Matter Experts (SMEs) as well as non-technical management personnel to ascertain the security posture of an IT system
Identifies mitigating factors for identified risks and proposes additional mitigation strategies for identified vulnerabilities
Evaluates a wide array of IT devices for Security Technical Implementation Guide (STIG) compliance using ACAS/ Nessus, SCAP Compliance Checker, and manual checklist reviews. This includes Windows, Solaris, and Red Hat Linux servers and desktops, routers, switches, firewalls, IDS, etc.
Submits findings input into the Enterprise Mission Assurance Support Services (eMASS) system or other Army-approved tracking database
Clearance (required at performance start date): active Secret clearance with valid SSBI/Tier 5 Background Investigation
Bachelor’s degree in Computer Science, Information Technology, or a similar field with at least seven (7) years of related experience in the fields of security engineering, cyber security, or information assurance; two (2) years of hands-on SCA-V experience may be substituted in lieu of a degree
Current Information Assurance (IA) certification (required at performance start date): DoD 8570 IAM Level II (CAP, CISSP (or Associate), CASP CE, CISM, GSLC), or higher
Current Computing Environment (CE) certification (required at performance start date): MCITP, MCSE, MCP, CCNA-Security, CEH, etc.
Experience with eMASS and a strong understanding of the CNSSI 1253 CCIs
Experience with Security Content Default Protocols (SCAP) Compliance Checker (SCC), NESSUS (ACAS), and Information Assurance Vulnerability Management (IAVM) scanners (that is, tools utilized to meet DoD Security Configuration Compliance Validation).
Willingness and ability to travel up to 50%, depending on site validation schedule.
Contacts: Email: [email protected]; Phone: +1-713-489-7277