Apply on Employer Site

Leading Path Consulting · 6 hours ago

TS/CSI w/Poly Cybersecurity Project Engineer (A&A/ATO/ISSO)

McLean, VA

Full-time

Onsite

Mid, Senior Level

$140K/yr - $225K/yr

Leading Path Consulting is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to government and Fortune 500 clients. They are seeking a Cybersecurity Project Engineer to support cyber security compliance and manage projects through the Assessment and Authorization (A&A) process, ensuring security requirements are met and systems are designed with security in mind.

ConsultingInformation ServicesInformation Technology

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

The Contractor shall work with technical team to design, develop, test, and implement new networks and network architecture using current technology, to include authorization and accreditation

The Contractor shall work with the technical team to complete requirements to obtain all required approvals and maintain compliance throughout the full lifecycle of the A&A process

The Contractor shall work with the Sponsor and users to identify and develop system requirements taking into account the desired results, hardware limitations and operating requirements, identified by the Sponsor

The Contractor shall work with technical team to provide operational testing and recommendations for continuous improvement of equipment and software in support of Sponsor’s goals and objectives

The Contractor shall work with the technical team to coordinate across the Sponsor’s organization and business partners to expedite operational approvals

The Contractor shall analyze new technologies, hardware, and software to determine the applicability and need for the existing or proposed system, to include security, storage, and network technology

The Contractor shall ensure compliance with the Sponsor's security requirements, incl. those related to data protection, access control, and incident response

The Contractor shall develop and assist with implementing security controls to protect Sponsor systems and data, including firewalls, multi-factor authentication, and encryption

The Contractor shall work with the technical team to conduct internal risk assessments to identify potential security risks and develop mitigation strategies to address them

The Contractor shall prepare and maintain security documentation, incl. System Security Plans, Security Assessment Reports, and Plans of Action and Milestones

The Contractor shall coordinate with the Sponsor's security team to ensure projects meet the Sponsor's security requirements and to address any security-related issues

The Contractor shall implement the Sponsor's A&A process, including preparing and submitting required documentation and leading the team in A&A meetings and reviews

The Contractor shall ensure projects comply with relevant regulations and standards, including those related to data protection and cyber security, such as Defense Information Systems Agency Security Technical Implementation Guides (DISA, STIGs)

The Contractor shall develop and maintain an incident response plan to respond to security incidents, including data breaches and system compromises

The Contractor shall conduct security testing and validation to ensure Sponsor systems and data are secure, including vulnerability scanning and systems hardening

The Contractor shall maintain compliance with the Sponsor's continuous monitoring requirements

The Contractor shall support technical exchange meetings on business and technical requirements

Qualification

Cybersecurity complianceA&A processSystem security controlsCloud infrastructureRisk assessmentsIncident responseData protectionTechnical documentationTroubleshootingSystem design diagramsSensitive data handlingCloud-hosted applicationsCISSP certificationCompTIA Security+CompTIA Network+EC-Council CEHTeam collaborationCommunication skills

Required

Demonstrated experience with designing and implementing secure communication solutions and networks

Demonstrated experience with implementing infrastructure in public cloud domains

Demonstrated experience with the Intelligence Community Directive (ICD) 503 Assessment and Accreditation (A&A) process and acquiring necessary approvals to develop, implement and operate systems

Demonstrated experience with the A&A processes and cyber security requirements as well as experience with coordinating with multiple entities or organizations to obtain necessary approvals to achieve and maintain Authority to Operate (ATO) status

Demonstrated experience addressing and implementing system security controls

Demonstrated experience triaging and troubleshooting system issues

Demonstrated experience producing technical system documentation

Demonstrated experience with designing and implementing cloud-hosted infrastructure for use with mobile and commercial applications

Demonstrated experience in information security

Demonstrated experience transferring, handling, and securing sensitive data

Demonstrated experience developing system design diagrams

Demonstrated experience developing and briefing system designs to both technical and non-technical audiences to obtain operational and security approvals

Certifications: CompTIA Network+, CompTIA Security+, and ISC2 Certified Information Systems Security Professional (CISSP)

Preferred

Demonstrated experience with Sponsor systems, architecture, and data

Demonstrated experience providing coordination across Sponsor's organization and business partners to expedite technology approval

Demonstrated experience with the Sponsor's A&A process and cyber security requirements as well as experience with coordinating across the Sponsor organization to obtain necessary approvals to achieve and maintain Authority to Operate (ATO) status

Demonstrated experience working independently and collaboratively within a team environment

Demonstrated experience developing system design diagrams using Sponsor provided tools

Certification: EC-Council Ethical Hacker (CEH)