Cyber Security Engineer (3123-749)
San Diego, CA

Job Description

The elected candidate will serve as a Cyber Security subject matter expert (SME) for government clients in a fast-paced, demanding environment. Will assess program security compliance, support program briefs, coordinate and compile program security documentation for various programs. Other duties will include:

* All client RMF operations, to include: network Security Categorizations, development of the Cybersecurity Program, and implementation of the Continuous Monitoring Program
* Development of the Security Control Traceability Matrix (SCTM) including negotiation with SCA/AO organizations regarding SC tailoring and overlays, System Security Plan (SSP), Security Assessment Plan (SAP), Cybersecurity Plan of Actions and Milestones (POA&M), and Continuous Monitoring (ConMon) strategy
* Development of various policy documents (SOPs/CONOPs) as required by the client. This may include policies regarding IS Sanitization, Media Security, Password Policy, Business Continuity, Continuity of Operations, Incident Response, Disaster Recover, and Security Assessments
* Conducting Independent Validation and Verification (IV&V) testing on the client network, utilizing automated ACAS scans, as well as automated and manual DISA STIG reviews, and collating the output into an actionable POA&M
* Working with System Administrators/Engineers to conduct remediation and validation operations in accordance with the POA&M
* Conducting application security reviews to determine feasibility/suitability of candidate applications for addition to the network
* Serves as the lead of the Incident Response team, and will be responsible for advising the ISSM and Program Manager regarding IA policy

Preferred skills for this position:

* Experience conducting IV&V assessment, using tools such as Retina, Gold Disk, ACAS, Tenable Nessus, and DISA STIGs
* Experience conducting DoD Certification & Accreditation (C&A) support with specific experience with DIACAP, PIT, NIST RMF, DoD RMF, JSIG, or FISMA
* BA or BS Degree in computer science, cyber security, information assurance or a related IT field is desired.
* Strong knowledge of Risk Management Framework

Required Experience

Experience:

* High School Diploma or GED and a minimum of 4 years' experience with Cyber Security engineering is required
* Experience conducting IV&V assessment, using tools such as Retina, Gold Disk, ACAS, Tenable Nessus, and DISA STIGs
* 8140 IAM or IAT Level II certification
* Strong knowledge of Risk Management Framework