Apply on Employer Site

Tyto Athene, LLC · 16 hours ago

Cybersecurity Engineer

Virginia Beach, VA

Full-time

Onsite

Mid Level

$105K/yr - $115K/yr

4+ years exp

Tyto Athene is searching for a Cybersecurity Engineer to support a Government Program Management Office in Virginia Beach, VA. The role involves providing cybersecurity engineering support throughout the system development life cycle and ensuring security requirements are integrated into system architecture and operations.

Information Technology

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Hiring Manager

Brad Gruber

Responsibilities

Work location is on government site in Virginia Beach, Dam Neck Activity (DNA)

Provide cybersecurity engineering support as part of the system development life cycle (SDLC). Ensure security requirements are integrated into the system architecture, design, development, testing, assessment, authorization, delivery, and sustainment

Apply the cybersecurity risk management framework (RMF) to program information systems in accordance with NIST SP 800-37 (RMF for Information Systems and Organizations) and DoDI 8510.01 (RMF for DoD Information Technology)

Implement the RMF life cycle steps to achieve system authorization and operation. Build, maintain, and track system’s cybersecurity baselines and security authorization documentation to the Enterprise Mission Assurance Support Service (eMASS)

Provide support to cybersecurity architecture and assessment & authorization (A&A) processes, ultimately leading to Authority to Operate (ATO) decision

Identify and employ cybersecurity best practices for the organization. Create a well-informed plan based on DOD and Navy cybersecurity strategy and manage the adaption process. Incorporate security management into hardware, software, and applications

Assist Government managers with information security oversight, policy analysis, IT product acquisition, and program execution in accordance with NIST SP 800-39 (Managing Information Security Risk: Organization, Mission, and Information System View) and the DoDI 8500.01 (Defense Cybersecurity Program)

Engage with Program Office managers and technical stakeholders to interpret technical requirements, standards/policies, architectural artifacts, budget development, implementation, auditing, program briefs, and continuous monitoring

Review Assured Compliance Assessment Solution (ACAS) vulnerability scans. Review, analyze and evaluate Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) content for each applicable system component

Prepare and review documentation to include Systems Security Plans (SSP), Security Assessment Plans (SAP), Risk Assessment Reports (RAR), A&A packages, and System Requirements Traceability Matrices (SRTMs)

Qualification

RMF methodologyA&A processDOD cybersecurity policiesEMASS functionalityCybersecurity Workforce (CSWF) IAT Level IICybersecurity best practicesCommunication skillsTechnical documentation

Required

Current active Secret clearance as reported in DISS

Four (4) or more years of experience in IT security, including RMF methodology and A&A

Bachelor's Degree in computer science, cybersecurity, information systems, or other related technical discipline; or Associate's Degree and six (6) or more years of cybersecurity experience

Cybersecurity Workforce (CSWF) Intermediate Level knowledge/skills (IAT Level II), with specific course completion or renewal certificate

Exceptional understanding of DOD cybersecurity policies, RMF steps and structure, A&A process, and gaining system authorization to operate (ATO)

Ability to operate and execute DISA tools, STIG Viewer, eMASSter and a strong familiarity with eMASS functionality

Strong communication skills with all levels of the IT workforce and can translate complex technical topics for senior decision-makers. Prepare/deliver presentations to leadership