Cybersecurity Engineer

Washington D.C.
Mar 25, 2019
Mar 25, 2019
Full Time

Occasional travel - Occasional Travel Required

Relocation expenses reimbursed No

  • US Citizenship is required.
  • Designated or Random Drug Testing required.
  • Security Investigation
    As a condition of employment at NGA, persons being considered for employment must meet NGA fitness for employment standards.

    - U.S. Citizenship Required
    - Security Clearance (Top Secret/Sensitive Compartmented Information)
    - Polygraph Test Required
    - Position Subject to Drug Testing
    - Two Year Probationary Period
    - Direct Deposit Required

    You must be able to obtain and retain a Top Secret security clearance with access to Sensitive Compartmented Information. In addition, you are subject to a Counterintelligence Polygraph examination in order to maintain access to Top Secret information. All employees are subject to a periodic examination on a random basis in order to determine continued eligibility. Refusal to take the examination may result in denial of access to Top Secret information, SAP, and/or unescorted access to SCIFs.

    Employees with SCI access and who are under NGA cognizance are required to submit a Security Financial Disclosure Report, SF-714, on an annual basis in order to determine continued eligibility. Failure to comply may negatively impact continued access to Top Secret information, Information Systems, SAP, and/or unescorted access to SCIFs.

    NGA utilizes all processes and procedures of the Defense Civilian Intelligence Personnel System (DCIPS). Non-executive NGA employees are assigned to five distinct pay bands based on the type and scope of work performed. The employee's base salary is established within their assigned pay band based on their unique qualifications. A performance pay process is conducted each year to determine a potential base pay salary increase and/or bonus. An employee's annual performance evaluation is a key factor in the performance pay process. Employees on term or temporary appointments are not eligible to apply for internal assignment opportunity notices.

    This position is a DCIPS position in the Excepted Service under 10 U.S.C. 1601. DoD Components with DCIPS positions apply Veterans' Preference to preference eligible candidates as defined by Section 2108 of Title 5 USC, in accordance with the procedures provided in DoD Instruction 1400.25, Volume 2005, DCIPS Employment and Placement. If you are an external applicant claiming veterans' preference, as defined by Section 2108 of Title 5 U.S.C., you must self-identify your eligibility in our ERecruit application.

    WORK ROLES Cybersecurity Service Providers: Protect, monitor, analyze, detect, and respond to unauthorized activity associated with NGA computer networks. They collect information and data to identify, analyze, and report events and incidents that may impact the network. They respond to crises or urgent situations and support the mitigation of immediate and potential threats. They also perform audit assessments of systems and networks to identify deviations from acceptable configurations and policy. Specific duties may include: * Coordinate computer security incident response activities against threats to include, but not be limited to: viruses, worms, Trojan horses, other malicious code, system security breaches, and cyber-terrorist attacks. * Provide DoD-wide situational awareness and attack sensing and warning through fusion, analysis and coordinated information flows. * Inform the Intelligence Community (IC) of priority intelligence requirements (PIR) and indications and warning requirements for potential attacks against DoD information systems and computer networks. * Provide oversight and technical monitoring of contractor support teams which are tasked to execute and deliver a variety of cybersecurity tasks, functions and projects. Information System Security Engineer (ISSE): Contribute in and/or lead a team of ISSEs that capture, refine, and translate information systems security requirements for NGA information systems and component products. As an integral part of the larger assessment and authorization (A&A) cybersecurity team, assists programs and developers in the design and development of information systems, as well as, changes to legacy systems. Coordinate their security related activities with information system (IS) architects, information security officers, information system owners, common control providers, and Delegated Authorizing Officials. Information System Security Engineers (ISSEs) focus on security theories, principles and practices of systems security engineering from a life cycle perspective. Derive security requirements and work with developers to design and develop secure systems, and analyze the security posture of deployed systems. ISSEs provide expertise to inform risk assessments and the development of mitigations in accordance with the Risk Management Framework defined by the National Institute of Standards and Technology (NIST) and regulatory directives and guidelines for federal information systems and national security systems, e.g., NIST SP 800-53, CNSS Instruction 1253. Specific duties may include: * Responsible for work direction of team of contractor ISSEs to identify, define, accomplish, and track cybersecurity automation and optimization projects to completion. * The ISSE is responsible for conducting engineering activities that capture and refine information security requirements and ensure that the requirements are effectively integrated into ISs through purposeful security architecting, design, development, and configuration. * ISSEs work with system owners and developers to ensure an effective SecDevOps Pipeline that reduces risks and accelerates development, assessment, and authorization of capabilities. * The ISSE ensures all NGA IS security requirements are consistent with national, DoD, and IC security guidelines. * The ISSE informs programs of best practices when implementing security requirements within an IS including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques. * Reviews proposed new or modified IS designs to determine the adequacy of the security features and assurances and makes recommendations to the PM for improvements. * Consults with Program Management Offices (PMOs) to ensure that IS specifications reflect applicable security requirements. * ISSEs maintain an in-depth knowledge of emerging technologies and leverage critical thinking to incorporate the knowledge to interpret and implement security requirements into future releases. Security Control Assessor (SCA) Capture, refine, and translate information systems security requirements for IT systems and component products. They support the development of computer systems and/or the modification of computer applications and programs to integrate information system security protocols. They monitor security controls, assess threats and vulnerabilities, mitigate adverse impacts, and/or perform computer forensics on NGA systems and networks. Specific duties may include: * Assess and mitigate system security threats/risks throughout the program life cycle, and execute security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations * Perform or review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies * Support security authorization activities in compliance with NGA guidelines, and oversight Information Systems and security engineering governance and business processes Security Architect - Cybersecurity Engineer: Security Architects design enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes. They also develop and maintain business, systems, and information technology (IT) processes to support enterprise mission needs and requirements. Specific duties may include: * Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. * Develop a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements. * Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents. * Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. * Ensure acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines. * Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET).

    DESIRABLE QUALIFICATION CRITERIA: In addition to the mandatory qualifications, experience in the following is desired: 1. Experience with virtual, cloud computing, data technologies and concepts; 2. Experience developing system requirements; 3. Demonstrated ability to balance security compliance with program cost, schedule, performance, or mission needs; 4. Demonstrated skills applying and incorporating security solutions into proposed information technologies; 5. Making decisions in ambiguous situations; taking available information and making focused and prompt judgment calls; adapting to change, setting priorities quickly and moving forward confidently without having all the desired information, when necessary; 6. Information Technology (IT) or Systems Planning, Research, Development and Engineering experience; 7. Degree and/or Certifications technical disciplines such as: Cybersecurity, Information Security, Computer Science, Information Technology, Information Systems, Systems Engineering, Electrical Engineering, Physics, Mathematics.

    Read more

    You will be evaluated for this job based on how well you meet the qualifications above.

    Applicants are not required to submit a cover letter. The entire cover letter cannot exceed the specified limits provided in the Cover Letter field (3,000 characters). Pages exceeding this limit will not be considered. THE COVER LETTER IS RECOMMENDED BUT IS NOT REQUIRED FOR EMPLOYMENT CONSIDERATION WITH THE NATIONAL GEOSPATIAL-INTELLIGENCE AGENCY.

    APPLICANT EVALUATION PROCESS: Applicants will be evaluated for this job opportunity in three stages: 1) All applicants will be evaluated using the Mandatory Qualification Criteria, 2) Qualified applicants will then be evaluated by an expert or panel of experts using a combination of qualification criteria to determine the best-qualified candidates, 3) Best-qualified applicants may then be further evaluated through an interview process. Applicants are encouraged to carefully review the Assignment Description, Additional Information Provided By the Selecting Official, and the Qualification Requirements; and then construct their resumes to highlight their most relevant and significant experience and education for this job opportunity. This description should include examples that detail the level and complexity of the performed work. Applicants are encouraged to provide any education information referenced in the announcement. If education is listed as a mandatory requirement, only degrees obtained from an institution accredited by an accrediting organization recognized by the Secretary, US Department of Education will be accepted. As a condition of employment at NGA, persons being considered for employment must meet NGA fitness for employment standards. In accordance with section 9902(h) of title 5, United States Code, annuitants reemployed in the Department of Defense shall receive full annuity and salary upon appointment. They shall not be eligible for retirement contributions, participation in the Thrift Savings Plan, or a supplemental or redetermined annuity for the reemployment period. Discontinued service retirement annuitants (i.e., retired under section 8336(d)(1) or 8414(b)(1)(A) of title 5, United States Code) appointed to the Department of Defense may elect to be subject to retirement provisions of the new appointment as appropriate. (See DoD Instruction 1400.25, Volume 300, at All candidates will be considered without regard to race, color, religion, sex, national origin, age, marital status, disability, or sexual orientation. NGA provides reasonable accommodations to applicants with disabilities. Applications will only be accepted online. If you need a reasonable accommodation for any part of the application and hiring process, please notify us at The decision on granting reasonable accommodation will be on a case-by-case basis.

    Read more Security clearance Sensitive Compartmented Information

    Drug test required Yes

    Similar jobs