Apply on Employer Site

OSC Edge · 1 day ago

Cyber Security Engineer A&A

Quantico, VA

Full-time

Onsite

Senior Level

7+ years exp

OSC Edge is a dedicated IT Service Provider supporting various federal departments. They are seeking a Cyber Security Engineer to manage Assessment & Authorization tasks and ensure compliance with cybersecurity standards and regulations while conducting risk assessments and developing necessary documentation.

Cloud ComputingCyber SecurityInformation Technology

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Develops RMF accreditation artifact documentation to include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other Navy mandated artifacts that comprise the Security Authorization Package

Performs weekly CND vulnerability scans utilizing DoD/DoN mandated practices and software utilities

Conducts assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253 and NIST 800-53

Prepare daily, weekly, and monthly reports detailing task and responsibility status

Supports Cybersecurity Test & Evaluation (CT&E) activities of system security engineering and program protection activities

Monitors and executes compliance vulnerability scanning and uploads to the Navy VRAM database

Updates and validates policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations

Provides IT Security Incident Response support services and report all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports

Performs system categorization; select, tailor security controls, implement, and test security controls

Attends and leads meetings, works in collaborative a team environment to provide network stability and continuity

Performs other tasks as required by OSC and the Government contracting office

Qualification

DoD 8570 certificationEMASS expertiseRMF process experienceCybersecurity policies knowledgeACAS experienceNetwork security practicesIncident response supportTechnical assessment skillsCommunication skillsTeam collaboration

Required

Must have and maintain a Secret personnel clearance and must be eligible for a TS/SCI

High School diploma or equivalent

Must be DoD 8570 certified at the IAT-III/ IAM-III level (CASP, CISM, CISSP, CCISO, CISA)

Minimum of seven (7) years of hands-on experience in the IT/Engineering field

Must have at minimum (2) years' experience with DoN, DoD RMF process; must have completed full Navy or DoD RMF accreditation package from start to ATO issuance

Must have expert level knowledge of eMASS and experience in the development of Assessment and Authorization plans

In depth understanding of computer security, Department of Navy, and DoD cyber security policies

Prior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), VRAM, and other DoN, and DoD cybersecurity tools

Strong ability to communicate clearly and succinctly in written and oral presentations

Prior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement driven

Have knowledge in network, physical, systems and application security practices

Must be familiar with intrusion detection and prevention measures and practices

Must be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, ACAS, Nessus, and SIEMs

Familiarity with DoD, NIST, RMF and FedRAMP processes

Excellent written and verbal communication skills

Knowledge of ACAS to create and execute scan jobs, reports, and able to troubleshoot non-compliant scans

Knowledge of multiple architectures: Cisco, Linux, Windows, and VMWare