Cyber/IA Engineer

Employer
DCS Corp
Location
Alexandria, VA
Salary
Competitive
Posted
Sep 10, 2021
Closes
Oct 15, 2021
Ref
3255
Function
Engineer, IT, QA Engineer
Hours
Full Time
DCS is looking for an experienced Cyber Security Information Assurance Engineer to join the team supporting Army Ground Combat Vehicle Systems and Software Integration and Test centers. Provide on-site Information System Security Officer (ISSO) / CyberSecurity Analyst/Engineer support to our Army customer in Warren, MI.

Essential Job Functions:

Compiles, develops, publishes, and maintains artifacts for the organization's DoD CyberSecurity Assessment and Authorization (A&A) Process utilizing the Risk Management Framework (RMF); prepares, develops, publishes, distributes, and maintains policy and plans, training, instructions, and guidance concerning CyberSecurity issues, and the Information Systems Security of IT systems and access to information from such systems.

Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organizations mission and goals.

Define and/or implement policies and procedures to ensure protection of critical infrastructure (as appropriate).

Ensure that CyberSecurity requirements are integrated into the continuity planning for that system and/or organization(s).

Ensure that protection and detection capabilities are acquired or developed using the Information System security engineering approach and are consistent with organization-level CyberSecurity architecture.

Perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems, security programs, policies, procedures, and tools.

Participate in the development or modification of the computer environment CyberSecurity program plans and requirements.

Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.

Preparation of Authorization System Documentation for submission to the Approving Authority (AO): Hardware and Software Lists, Hardware and Software diagrams, Plan Of Action and Milestones (POAM), Risk Assessment Report (RAR), Security Technical Information Guides (STIG), Manual and Inherited Security Controls, Firewall modifications for Ports and Protocols, CCB Charter and Documentation, Incident Response Plan, Contingency Plan, and Configuration Management Plan

Maintain thorough understanding of NIST 800-53/800-171 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM)

Conducts periodic surveys, audits and inspections to determine compliance with applicable regulations and policies, and reviews and evaluates the security impact of system changes, including interfacing with other automated systems.

Conducts risk/vulnerability assessments and detection/analysis to ensure compliance with customer programs and supports the Information System Security Manager (ISSM) / Information Systems Owner (ISO) in the management of CyberSecurity related program areas, projects, and actions to include, but not limited to DoD Ports, Protocols, and Services Management (PPSM) Registry, Public Key Infrastructure (PKI), Information Assurance Vulnerability Management (IAVM), CyberSecurity Policies, IT security incident handling, and the Anti-Virus (AV) protection program.

The CyberSecurity analyst/engineer is responsible for advising on protective measures that affect file access controls, software, and physical safeguards, vulnerability assessment scans, systems security evaluations and scans, audits, and reviews utilizing Secure Content Automated Protocol (SCAP) toolset and Security Technical Implementation Guides (STIGs).

Job Requirements

Due to the sensitivity of customer related requirements, U.S. Citizenship is required.

Knowledge of Risk Management Framework (RMF).

Twelve years of relevant experience with Bachelor's degree in one of the following but not limited to: Information Technology, Information Assurance, Computer Information Systems, Criminal Justice, or Engineering

Ability to Acquire and maintain security clearance and Single Scope Background Investigation (SSBI).

DOD 8570 IAT Level I certification (SANS Security Essentials, CISSP, Security +).

Experience with the classification process and the handling of classified material.

Excellent oral, written, and interpersonal communication skills and the ablity to liaison with outside agencies

Self-starter with ability to work independently, collaboratively, and customer service oriented

Possess high moral character and integrity.

Ability to travel (10-20%) to customer site(s).

Desired Skills:

Active Top Secret Clearance

DOD 8570 IAT Level II (SANS Security Essentials, CISSP, Security +), IASO Training, or equivalents

CAP and/or CEH certificates

Engineering development background Systems/Electrical/Computer/software

Project management

DOD Policy drafting and documentation

Ability to read network/electrical diagrams

Ability to employ scripting languages when required

Experience with Windows/Linux or similar operating environments

Experience with Network Architecture/Engineering

Similar jobs