Information Systems Security Engineer (SME)

Location
Aberdeen Proving Grounds, Maryland
Posted
Jun 18, 2022
Closes
Jun 24, 2022
Ref
21991
Function
IT
Hours
Full Time
Summary

The Information Systems Security Engineer (SME) will provide the support task requirements for Cybersecurity System Engineering Support, Cybersecurity Network Domain Certification and Accreditation Support, and Cross Domain Solution (CDS) Assessment and Authorization (A&A) Support. The Information Systems Security Engineer (SME) will perform the tasks in coordination with government personnel to provide the cybersecurity support services and solutions necessary to analyze, assess, integrate, enhance, improve, modernize, implement, test, sustain, and maintain the DCGS-A cybersecurity posture and capabilities.

Responsibilities
  • Provide project management support and oversight of all Cybersecurity Network Domain Certification and Accreditation Support for PM DCGS-A.
  • Support development and updates to project management artifacts, like the Program Management Plan (PMP), Integrated Master Schedule (IMS), and the Quality Assurance Surveillance Plan (QASP).
  • Provide input to support development and delivery of reports, like Monthly Status Reports (MSR) and In-Process Reviews (IPR).
  • Lead teams in support of cybersecurity network domain Certification and Accreditation (C&A) support and execution activities, including DCGS-A network domain operations requirements for the following networks, Joint Worldwide Intelligence Communications System (JWICS), Secret Internet Protocol Router Network (SIPRNET), National Security Agency Network (NSANET), Non-Secure Internet Protocol Router Network (NIPRNET), and other special or specific coalition networks.
  • Perform the necessary efforts to analyze, assess, evaluate, integrate, improve, implement, test, sustain, and maintain the DCGS-A cybersecurity posture and capabilities required by the network domain operations compliance requirements.
  • Develop and prepare the required security control documents or artifacts and conduct security control assessments and security test and evaluation required by the respective network authorities and C&A processes, like the Risk Management Framework (RMF).
  • Perform all necessary cyber domain activities to ensure the DCGS-A baselines follow the respective network domain mandated standards and authorization to connect requirements.
  • Develop and document security design artifacts and the associated security controls that are meeting the security acceptance criteria and package the accreditation and authorization documents in support of each domain certification and accreditation process.
  • Prepare and document the risk mitigations and maintain and update the Plan of Action and Milestones (POA&M) as required by the network domain Authorizing Official (AO).
  • Lead the support of Assessment and Authorization (A&A) or other RMF and cybersecurity Compliance and Auditing processes and inspections for all enterprise systems and networks ensuring validity and accuracy review of all associated documentation.
  • Analyze and define security requirements for information protection for enterprise systems and networks.
  • Assist in the development of security policies.
  • Analyze the sensitivity of information and perform vulnerability and risk assessments based on defined sensitivity and information flow.
  • Assess security risk, research, and recommend countermeasures in accordance with Army and DoD requirements, and conduct formal security engineering assessments and security assessments.
  • Lead a team of cybersecurity validators to ensure that US Army systems are compliant with NIST Special Publication 800-53 cybersecurity controls.
  • Support on-site accreditation testing for PM DCGS-A networks at CONUS and OCONUS locations.
  • Other duties as assigned

Qualifications
  • MA/MS degree or a bachelor's degree and 2+ years of additional experience may be used in lieu of a master's degree
  • 5+ years of working experience directly related to DoD cybersecurity certification and accreditation or cybersecurity engineering activities
  • Demonstrated experience, and familiarity with DoD and Army Cybersecurity Polices and Regulations and Certification and Accreditation (C&A) process, including the provisions of ICD 503 and the planning and execution of Security Test and Evaluation (STE) and Cybersecurity Test and Evaluation (CTE) events
  • Minimum CISSP, CISM, or equivalent certifications
  • DoD 8570 IAM III certified
  • 10+ years of experience and a MA/MS (additional years of experience may be used in lieu of degree)
  • Linux+ certification
  • Ability to travel up to 30% of the time
  • The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief

Knowledge, Skills and Abilities
  • Ability to quickly comprehend the functions and capabilities of new technologies.
  • Ability to effectively adapt to rapidly changing technology and apply it to business needs.
  • Possess and maintain a valid state operator's license.
  • Ability to work independently without direct supervision or guidance.
  • Ability to occasionally work after hours and/or on-call support.
  • Ability to meet minimum security clearance requirements.

#Chenega Decision Sciences, LLC

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program

Similar jobs