Cyber Security Engineer (A & A)

The Cyber Security Engineer role will be responsible for tasks related to Assessment & Authorization (A&A) to ensure assigned DoD systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. In this role, the Cyber Security Engineer will conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs. Additionally, the individual will serve as an Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.

Responsibilities

• Develops RMF accreditation artifact documentation to include Risk Assessment Report (RAR), Information Security Continuous Monitoring (ISCM) Strategy, Security Authorization Package, engineering documentation, network drawings, and related documentation as required by DoD accreditation standards
• Develops, maintains, and monitors the necessary artifacts for A&A package submission to receive ATC, ATT, and ATO certifications.
• Performs monthly CND vulnerability scans utilizing DoD mandated practices and software utilities.
• Conducts FISMA assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253 and the Cybersecurity Strategy
• Prepares daily, weekly, and monthly reports detailing task and responsibility status
• Develops, reviews, and maintains RMF artifacts for RMF compliance.
• Supports Cybersecurity Test & Evaluation (CT&E) or Developmental Test & Evaluation (DT&E) activities of system security engineering and program protection activities.
• Drafts authorization artifacts in accordance with customer requirements.
• Updates and validates policies, processes, and SOPs, in accordance with DoD policies and regulations
• Provides IT Security Incident Response support services and report all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports
• Performs system categorization; select, tailor security controls, implement, and test security controls
• Attends and leads meetings, works in collaborative a team environment to provide network stability and compliance
• Performs other tasks as required by OSC and the Government contracting office.
  
  

Required Qualifications/Education And Experience

• Must have and maintain a Secret personnel clearance and must be eligible for a TS/SCI
• High School diploma or equivalent
• Must be DoD 8570 certified at the IAT-II/ IAM-II level
• Minimum of seven (7) years of hands-on experience in the IT/Engineering field
• Must have at minimum (2) years’ experience with DoD RMF process; must havecompleted full DoD RMF accreditation package from start to ATO
• Must have strong working experience with eMASS and experience in the development of Assessment and Authorization plans
• In depth understanding of computer security and DoD cyber security policies
• Prior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), and DoD cybersecurity tools
• Strong ability to communicate clearly and succinctly in written and oral presentations
• Prior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement driven
• Have knowledge in network, physical, systems and application security practices
• Must be familiar with intrusion detection and prevention measures and practices
• Must be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, HBSS, ACAS, Nessus, ARCSIGHT and SIEMs
• Familiarity with NIST, RMF and FedRAMP processes
• Excellent written and verbal communication skills
• Experience running ACAS scans
• Knowledge of multiple architectures: Cisco, Linux, Windows, and VMWare
  
  

Preferred Qualifications/Education And Experience.

• Bachelor’s degree (preferably in Information Technology, Information Management, or Cyber Security)
• Certified Information Systems Security Professional (CISSP) certification
  
  

Benefits

OSC Edge delivers a total rewards package that we know will attract, engage and retain top talent. Key elements of our package include a competitive base pay and a comprehensive benefits package:

We offer eligible employees with an opportunity to enroll in a variety of benefits offerings. Here are just some of our benefits for our US based positions:

• Medical/ Dental/ Vision
• Life insurance and AD&D
• Flexible Spending
• Accident, Critical Illness and Hospital Indemnity coverage
• 401(k) and ROTH retirement options and company match
• Pet Insurance
• Identify Theft and Fraud Protection coverage
  
  

About OSC Edge

Founded in 2008, what started as a small business has grown into a diverse and innovative global team owned by Cook Inlet Region, Inc. an Alaska Native Regional Corporation. As a US Federal contractor, we are a dedicated IT Service Provider supporting the Departments of the Army, Navy, Air Force, DoD Educational Institutions, and large corporate entities. Our expertise is in Cloud Computing, Cyber Security, Compliance Management, Enterprise Architecture, IT Support, and CSfC. If you are passionate about making a difference and thrive in a dynamic and collaborative environment, we invite you to apply to join our team.

Equal Opportunity Employer/Veterans/Disabled