Cybersecurity Systems Security Engineer (SME)

Location
Aberdeen Proving Grounds, Maryland
Posted
Aug 12, 2022
Closes
Sep 16, 2022
Ref
22310
Function
IT
Hours
Full Time
Summary

The Cybersecurity Systems Security Engineer (SME) will serve as the on-site lead for the cybersecurity engineers. The Cybersecurity Systems Security Engineer (SME) will be responsible for team tasking, deliverables, and managing project artifacts. The Cybersecurity Systems Security Engineer (SME) shall provide the support task requirements for Cybersecurity System Engineering Support, Cybersecurity Network Domain Certification and Accreditation Support, and Cross Domain Solution (CDS) Assessment and Authorization (A&A) Support. The Cybersecurity Systems Security Engineer (SME) will perform the tasks in coordination with government personnel to provide the cybersecurity support services and solutions necessary to analyze, assess, integrate, enhance, improve, modernize, implement, test, sustain, and maintain the DCGS-A cybersecurity posture and capabilities.

Responsibilities
  • Provide cybersecurity system engineering support for the DCGS-A program that consists of accurate identification, documentation, and testing of security controls for system assessments.
  • Perform the engineering analysis, design, implementation, development of interoperability artifacts, documentation updates, and maintenance of the DCGS-A Cross Domain Solutions (CDS) which are the Top Secret and Below Interoperability (TSABI) and Secret and Below Interoperability (SABI) CDS Subsystems.
  • Perform analysis and evaluate all system designs and implementations that are consistent and compliant with the DoD and Army policies, requirements, and directives.
  • Develop and recommend action plans to address system security issues, audit readiness, and compliance requirements and issues.
  • Perform the daily execution of technical cybersecurity operations for the various network domain environments and production baselines to ensure operational readiness.
  • Assess cybersecurity impacts for proposed changes, assess conformance and compliance with cybersecurity requirements for the new release capabilities, and ensure the infrastructure will support all DCGS-A cybersecurity implementations.
  • Analyze and evaluate the DCGS-A baseline for compliance with National Institute of Standards & Technology (NIST) security implementation guidelines (NIST SP 800 Series), Defense Information Systems Agency (DISA), Security Technical Implementation Guidance (STIG), Department of Army Information Assurance Best Business Practice (BBP) Checklists, and Security Requirements Guides (SRG).
  • Perform the security assessments of the DCGS-A systems in the fielded environment to assess the security posture of the systems and the technical compliance with the requirements and validate security relevant configurations of the systems.
  • Support the engineering team to remediate existing issues and/or to develop compensating controls that minimize the impact, likelihood, and/or risk.
  • Monitor employee productivity and provide constructive feedback and coaching to ensure program success.
  • Design enterprise and systems security throughout the development lifecycle and translate technology and environmental conditions (e.g., Federal Law, Intelligence Community (IC), DoD regulations and policies.) into security designs and processes.
  • Design, develop, and implement enclave security requirements in accordance with applicable Intelligence Community, DoD, and Army cybersecurity and Information Assurance (IA) regulations, policies, and organizational security policy in Information Systems (ISs). ISs includes Cross Domain Solution Suites (CDSS), Tactical, Cloud, On-Prem, etc., within the program's portfolio.
  • Provide subject matter expertise and analysis to bridge the gap between high level security requirements and policies and ensure their integration into information technology component products and information systems through purposeful security design or configuration.
  • Provide security consultation/guidance and engineering to PM product owners, customers, system owners and developers, and maintain security process coordination within the department's lifecycle management and governance process.
  • Develop and integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET).
  • Employ secure configuration management processes.
  • Draft, develop, and update CM process and procedures.
  • Ensure acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
  • Develop and maintain applicable artifacts to support ISs A&A RMF requirements.
  • Work with the Assessment and Authorization (A&A) team to maintain RMF BOE to support the Authority to Operate (ATO) and meet all FISMA obligations.
  • Other duties as assigned

Qualifications
  • MA/MS degree in a Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Cyber Security,
  • Information Technology, Information Security, and Information Systems) and 10+ years of experience OR
  • BA/BS degree in a Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Cyber Security,
  • Information Technology, Information Security, and Information Systems) and 15+ years of experience.
  • Demonstrated experience and familiarity with DoD and Army Cybersecurity Polices and Regulations and Certification and Accreditation (C&A) process, including the provisions of ICD 503 and the planning and execution of Security Test and Evaluation (STE) and Cybersecurity Test and Evaluation (CTE) events
  • DoD 8570 IASAE III certified
  • Linux+ within 30 days of hire
  • Possess and maintain a valid state operator's license
  • Must be able to travel up to 25% of the time
  • TS/SCI clearance required
  • The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief

Knowledge, Skills and Abilities
  • Strong demonstrated collaboration skills and ability to work across multiple organizations to realize a common mission-focused objective.
  • Knowledge of current and new cyber/IT systems architectures, life-cycle processes, integration and interoperability, design operations and configuration, facilities, practices and methodology across the Government, private industry, and academia.
  • Ability to advise other IT experts throughout the agency or in other agencies on a variety of situations and issues that involve applying or adapting new theories, concepts, principles, standards, methods, or practices.
  • A broad knowledge and understanding of DoD and Army Cybersecurity policies, tools, and techniques.
  • Understanding of the Risk Management Framework (RMF) process.
  • A deep understanding of Enterprise Mission Assurance Support Service (eMASS) and/or XACTA.
  • Ability to validate risk assessments and develop Plans of Actions and Milestones (POA&M) to assist the PM and ISOs in the mitigation of cybersecurity weaknesses, providing solutions and mitigation actions for each assessed item.
  • Ability to review and monitor the DCGS-A IS and networks A&A status, including success or failures to obtain Authority to Operate (ATO) or Interim Authority to Test (IATT), as appropriate.
  • Ability to work independently without direct supervision or guidance.
  • Ability to occasionally work after hours and/or on-call support.
  • Ability to meet minimum security clearance requirements.

#Chenega Decision Sciences, LLC

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program

Similar jobs