Softworld Cyber Engineer in Aberdeen, Maryland

Cyber Engineer

Aberdeen, MD

| Perm

Post Date: 03/13/2018

2018-03-13 2018-04-22

Job ID: 225858

Industry: IT

Job Description

The Cybersecurity Engineer will provide cybersecurity engineering support in all phases of the system lifecycle including developing and providing input to cybersecurity documentation, architecture, and identifying and implementing design requirements in accordance with DoD and Army policy and security regulations and industry best security practices. Additional duties will include, but are not limited to the following:

Job Duties

  • Provide technical subject matter expertise on Department of Defense (DoD) Risk Management Framework (RMF) Assessment and Authorization (A&A) requirements and implementation.

  • Review and recommend secure system configuration for servers, workstations and network devices and provided security recommendations to mitigate loss of confidentiality, integrity and availability of data.

  • Conduct self-assessments of the systems' security posture through maintaining and enhancing the information security controls through vulnerability scanning and penetration testing tools such as Assured Compliance Assessment Solution (ACAS) and Security Content and Automation Protocol (SCAP) Compliance Checker (SCC).

  • Responsible for developing and documenting system artifacts including network diagrams, data topology, and Plan of Actions & Milestones (POA&M).

  • Develop policies, plans, and procedures implementing RMF requirements including a System Security Plan, Disaster Recovery Plan, Incident Response Plan, Continuity of Operation Plan, Change Management Plan and Vulnerability Management Plan.

Minimum knowledge, skills and abilities

  • Minimum 5 years of experience providing IA and/or Cybersecurity support to DoD customers

  • Experience implementing the DoD Risk Management Framework (RMF) process

  • Experience with assessing and implementing the DISA Security Technical Implementation Guides (STIGs)

  • Experience using Enterprise Mission Assurance Support Service (eMASS)

  • Understanding of AR 25-2, DoD 8500.01, 8510.01, CNSSI 1253, and NIST 800 regs (e.g. 800-53, 800-37, 800-60)

  • Experience developing policies and procedures in support of DIACAP or RMF

  • Excellent oral and written communication skills

Education and Certification

  • B.S. in Computer Science, comparable degree or experience

  • Minimum CompTia Security+, ISC2 Certified Information Systems Security Professional (CISSP) or Certified Authorization Professional (CAP) desired

  • Active SECRET clearance