The Cybersecurity Engineer utilizes in-depth understanding and experience in the legacy DoD Information Assurance Certification and Accreditation Process (DIACAP), current DoD Risk Management Framework, Platform IT (PIT), and the implementation of Cyber Security and IA boundary defense techniques and various IA-enabled appliances to facilitate certification and security engineering tasks in support of the customer’s system security objectives.
Essential Job Functions:
Author Certification and Accreditation (C&A) and RMF artifacts to document a system from an IA perspective.
Research and apply DISA Security Technical Implementation Guides (STIGs) and NSA recommendations. Plan, Develop, execute and document results of security test procedures.
Lead the analysis and testing of a designated US Naval warfare system against known vulnerabilities based upon security approaches and known hacker techniques and exploits.
Lead Risk Management Framework (RMF) efforts to obtain Authorization to Operate (ATO) or transition legacy DIACAP ATOs to RMF and resolve issues in the event a US Naval warfare system holds an Interim ATO (IATO).
Due to the sensitivity of customer-related requirements, U.S. Citizenship is required.
A High School Diploma or GED with a minimum of 13 years of experience, an Associates Degree with 7 years of experience, a Bachelors Degree plus 5 years of experinece or a Masters Degree plus 4 years of experience is required.
Must be able to obtain and maintain a Secret security clearance within 6--9 months of hire.
Requires 5 years’ specific experience analyzing and securing DoD or information technology systems for compliance with Cyber Security policies and requirements.
IAT Level II or Level III certification in accordance with DoD 8570.01.
Familiarity with the DISA Enterprise Mission Assurance Support Service (eMASS) application as used to develop, manage and track IA artifacts.
Familiarity with the process and procedures used to derive, document and/or identify system CONOPS for Mission Assurance Categorization per DoDI 8500.2.
Must be proficient in the use of the MS Office Suite (MS Word, MS Excel, MS Visio) and other tools to develop required system documentation
Must be familiar with security control selection, implementation and assessment processes as they relate to preparing and reviewing/monitoring DAICAP and RMF packages.
Familiarity with preparation and execution of an Information Assurance Vulnerability Management (IAVM) Plan.
Understanding of computer security, military system specifications, DoD IA policies and the ability to communicate clearly and succinctly in written and oral presentations.
Desired Skills:Appointment as a Qualified Navy Validator (Level II) highly desired. Familiarity with Navy Combat Systems. Bachelor’s (BS/BA) degree. Experience researching, assessing and performing continuous monitoring under the RMF process in accordance with DoD 8510.01 and NIST Publication. Working knowledge of the Vulnerability Remediation Asset Manager (VRAM) system.