CYBERSECURITY ENGINEER III

Essential Job Functions

• Plans, conducts, and supports accreditation efforts for prototypes and fielded information systems, including training devices.
• Patches and provisions hardened Operating Systems (OS) for fielded and prototype information systems. Ensures that improving system security does not adversely impact functionality and be able to provide technical demonstrations.
• Assists software engineers, field technicians and other teammates in complex troubleshooting. Trains and mentors entry-level and intermediate-level cybersecurity engineers.
• Conducts comprehensive security control assessments and produce supporting artifacts such as security test plans and risk assessment reports, architecture analysis reports and other formal technical reports as needed.
• Creates, modifies, and maintains documentation related to the security posture of specialized information systems, including policies and systems architecture.
• Organizes, develops, and briefs technical interchange meetings such as In-Progress Review (IPR) events, recording minutes and specifying Action Items for follow-on tasking.
• Works with the engineering team and management to assure timeline and scope requirements are met.
• Leads RMF and cybersecurity engineering projects with the authority to assign tasking to other engineers.
• Performs installations and security assessments at customer sites, including cleared sites, as well as early testing on pre-release products.
• Contributes labor estimates and expertise to technical proposals, Basis of Estimates (BOEs) and Work Breakdown Structures (WBS) in conjunction with Business Development team, assuring they are technically accurate and professionally presented.
• Must be capable of safely handling government-furnished equipment and materials.
• Must be available to work a standard weekly schedule with overtime as required.
• Perform other duties as assigned.

Knowledge, Skills, and Abilities

• Experience with applying DoD Instruction 8510.01 Risk Management Framework (RMF) for DoD Systems, effective July 19, 2022 (or subsequent issuances) to Information Systems {IS}. Familiarity with comparable guidance for Foreign Military Service (FMS) entities and equivalent Computer Security industry standards.
• Proactively researches and maintains familiarity with all applicable regulatory guidelines regarding cybersecurity for DoD Information Technology (IT) as published by the National Institute of Standards and Technology

(NIST), DoD itself, or by other relevant defense entities.

• Must be experienced in acquisition and sustainment procedures for DoD IT as it pertains to contractors, as defined in issuances such as DFARS 252.204-7012, NIST SP 800- 171, NIST 800-53, Cybersecurity Maturity Model Certification (CMMC) and other regulatory publications.
• Must possess expertise installing and configuring security settings for Microsoft Windows 10 & 11, Red Hat Enterprise Linux 7, 8, 9 (or similar Unix equivalent), newer OS implementations, and legacy and embedded OS implementations.
• Must demonstrate advanced OS configuration management techniques including scripting, deployment, and disk imaging/cloning.
• Must possess expertise with computer security software, including whitelisting, anti-virus, file integrity validation, static analysis security testing, and vulnerability assessment & reporting tools.
• Must exhibit expertise with deploying complex security solutions to a variety of environments, including networked, virtual, and stand-alone information systems.
• Must have excellent reading, writing, presentation and general communication skills.
• Must be able to obtain a security clearance when required by the contract.