Apply on Employer Site

NextGen Federal Systems · 22 hours ago

Information Assurance Engineer

Aberdeen, Maryland

Full-time

Onsite

Mid Level

3+ years exp

NextGen Federal Systems is an innovative technology and professional services provider specializing in advanced software solutions. They are seeking a Cybersecurity Engineer to support mission systems for an Army program, focusing on maintaining compliance and security for engineering activities.

Enterprise SoftwareInformation ServicesInformation TechnologySoftwareSoftware Engineering

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Administer and maintain Assured Compliance Assessment Solution (ACAS) scanning for the information assurance team in accordance with STIG/SRG guidance, applicable Taskords, and best security practices

Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guidelines (STIGs) and the Common Vulnerabilities and Exposures (CVE) repository

Navigate systems through the authorization process, prepare packages for government review, and maintain compliance through change management

Translate security requirements into technical tasks and work with the engineering teams to verify the measures needed to bring systems and laboratories into compliance

Ensure that all systems are patched and report any problems in achieving compliance to the Information System Security Officer (ISSO)

Documentation and compliance are vital, requiring the creation and maintenance of security documentation, including ATO packages and ensuring the integration of security solutions

Create and update the Plan of Action and Milestones (POA&M) to document all known vulnerabilities. Work with the engineering team to determine remediation or mitigation actions and timelines

Qualification

ACASNIST SP 800-53Vulnerability managementRisk assessmentNessusSTIG CheckerSCAPSecurity + certificationLinux+ certificationCybersecurity policiesSecurity control assessments

Required

3+ years of general information technology experience

2+ year of directly applicable ACAS experience

Knowledge of cybersecurity policies and guidelines (NIST SP 800-53, Army Instruction 8510.01), a strong understanding of security controls, vulnerability management, and risk assessment methodologies

Hands-on experience utilizing Army-approved scanning/testing tools (Nessus, STIG Checker, SCAP, etc.) and performing analysis of output

Experience with Army cyber security applications (ACAS, HBSS, SCC)

Experience with Army cybersecurity requirements, NIST standards, vulnerability and compliance assessments, and the NIST RMF

A BA or BS degree in a relevant field such as Cybersecurity, Computer Science, or Information Technology is required. An Associates degree and 7 years of experience or a total of 9 years of total experience may be substituted for the BA/BS degree

Active Top Secret Clearance

Security + certifications; with ability to obtain Linux+ certification