Job Title: Cyber Security Engineer/Information System Security Officer
Job Location: Crystal City, VA
Project Length: Multiple Year
Duties and Responsibilities:
Expert consultant in all aspects of Cybersecurity/information assurance (IA) including cybersecurity solutions development, certification process and security/software lifecycle activities for the program. Manages major information security efforts of national significance. Work independently or in a team in support of a customer on-site. Clear technical understanding of the risks, vulnerabilities, and technical methods for mitigations. Develops new and complex systems security solutions, including hardware and software.
Specific Duties and Responsibilities:
- Provides expertise for the development of new systems.
- Provides Subject Matter Expert level security analysis and consultation services for product, system, and network architecture designs.
- Prepares and delivers Cybersecurity briefs to Program leadership.
- Publishes reports and keeps metrics for client systems.
- Conducts system assessments to ensure specified system controls are effective.
- Analyzes and reviews security findings and data. Identifies trends and root causes of system failures or vulnerabilities.
- Ensures that Information Systems Security policies, procedures, and practices are compliant with prescribed directives.
- Serve as alternate ISSO.
Required Qualifications:
- BA/BS plus 10-12 years of relevant work experience. Possess in good standing, a certification that meets DOD 8570.01-M for the IAT III level position. Recent work experience in Information Assurance/Cybersecurity. Experienced with leading the Assessment and Authorization (A&A) activities under the RMF. Experience in supporting the design and development activities of enterprise systems.
- Knowledge of the Cross Domain Solutions and Cross Domain Connection process preferably in a DoD/DISA environment.
- Active Secret clearance.
Desired Qualifications:
- Experience working with Oracle ERP.
- Experience in PMO support.
- Experience with PeopleSoft.
- Experience with eMASS.
- Knowledge and experience working with DoD's Risk Management Framework.
- Possess the following certifications: CSSLP, CISA, CEH or GIAC Certifications.