Overview

Join Our Stellar Team at Castalia Systems!

Are you ready to skyrocket your career with us? We're on the lookout for ambitious individuals who are eager to make their mark in a diverse and thriving environment.

At Castalia Systems, we're not just another company – we're a certified Woman Owned Small Business (WOSB) and Small Disadvantage Business (SDB) committed to excellence since 2011. Join us in delivering top-tier solutions to the dynamic Defense and Intelligence sector.

As valued members of our team, we prioritize your well-being. Enjoy a comprehensive benefits package, including medical, dental, and vision coverage, 401k matching, generous PTO, paid holidays, professional training opportunities, and even pet insurance to ensure your furry friends are cared for too.

Responsibilities

Castalia Systems is seeking an Information Security Assurance Engineer in the Tampa, FL area.

The Information Assurance Engineer position at MacDill AFB, FL supports the Global Solutions Management-Operations II (GSM-O II), Joint Communications Support Element (JCSE).

The JCSE team provides en-route, early entry, scalable C4 support to Regional Combatant Commands, Special Operations Command, and other agencies. In this role, you will be responsible for ensuring that the systems security meets all DoD/JCSE requirements and design, facilitating system assessments, documentation and providing hands-on security engineering support. Key elements of this position include: Capture and refine information security requirements and ensure their integration into information technology components and information systems; Perform vulnerability assessments, to determine weaknesses and exploit methods in systems/networks; Perform cybersecurity analysis and hardening of complex IT systems; and conducting cybersecurity mitigations on design solutions to comply with Risk Management Framework (RMF) cybersecurity requirements.

A qualified candidate will perform the following duties and responsibilities, but are not limited to:

• Develop Security plan of action and milestones (POA&M) for all open security findings identified during the development phase of modernization on the end-to-end enterprise infrastructure (Data Center, SATCOM Gateway, and deployed kits).
• Identifying what cybersecurity STIG, checklist, or control requirements apply during development of new components and software that is implemented into the enterprise infrastructure (Data center, SATCOM Gateway, and deployed kits)
• Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the security manager, ISSM, and J5 directorate.
• Track information for assurance directed guidelines for all hardware and applicable software ensuring proper security for the JCSE Enterprise.
• Provide tracking and summary reports based on findings to leadership. Modernization actions include but are not limited to STIGs, compliant patch implementation/management, Information Assurance Vulnerability Management (IAVM) compliance, integration/ implementation of any approved hardware and software, and react appropriately to cyber threats.
• Support DoD Risk Management Framework (RMF) in accordance with CNSSI 1253 and NIST 800-53 (all revisions) for IA controls; 8570/8140 for IA Workforce training and DCID 6/3 for protection of sensitive compartmented information. This also includes the updates required for the JCSE packages and all updated instructions which support the Assessment and Authorize (A&A) process.
• Provide technical support and guidance to maintain the JCSE IA processes and procedures in support of computer network defense in-depth protection for the JCSE enterprise infrastructure.
• Recommend network configuration, policy, training, operational or other changes/updates based on assessed risks.
• Coordinate with internal and external organizations, agencies and activities to support resolution of security issues, accreditation and waiver requests that impact the ability to obtain connection approval.
• Recommend connection approval, disapproval or modification based on security risks and system vulnerabilities.
• Develop Security Test and Evaluation (ST&E) and Certification Test and Evaluation (CT&E) plans, as required.
• Develop configuration documentation for the JCSE Enterprise to include network diagrams, technical sensor/administrative & policy POCs, and related information.

Qualifications

Security Clearance Requirement: 

• Active Top Secret/SCI clearance is required. 

Required Qualifications:

• Education: BS Degree and 4 years of prior relevant experience. Specific experience, education and training may be considered in lieu of degree.
• Current DoD 8570 IAT Level III certification (CISSP, CASP CE, CCNP Security, CISA, GCED, GCIH, CCSP, etc.)

Preferred Qualifications:

• CISSP Preferred.

Castalia Systems is an equal employment opportunity and affirmative action employer and strives to comply with all applicable laws prohibiting discrimination based on race, color, creed, sex, sexual orientation, age, national origin, or ancestry, physical or mental disability, veteran status, marital status, HIV-positive status, as well as any other category protected by federal, state, or local laws. All such discrimination is unlawful, and all persons involved in the operations of the company are prohibited from engaging in this type of conduct.