Potawatomi Federal Solutions
CyberSecurity Engineer
Potawatomi Federal Solutions, Bethesda, Maryland, us, 20811
Position Title: Cyber Security Engineer
Division:
AA
Location:
Bethesda, MD (Hybrid Schedule)
Position Summary
The goal of this position is to provide early clarity on information technology assets (IT) and IT systems requirements for the Surgery, Radiology & Laboratory Medicine (SRLM) Facilities, Clinical Center expansion project at the National Institutes of Health (NIH), Bethesda, MD. Specific requirements and deliverables include establishing a validated equipment list and rough order of magnitude (ROM) estimate for new IT assets and IT systems required for the project. In addition, review of the facility design for equipment infrastructure requirements; development of a detailed plan for IT systems; definition of cybersecurity requirements and other objectives. The Cybersecurity Engineer shall develop cybersecurity requirements that will aid in future SRLM Facilities planning and ensure adherence with Federal policies and NIH-specific cybersecurity requirements. Also, develop detailed cybersecurity requirements to be used in the future to comply with NIH requirements for cybersecurity certification, Risk Management Framework (RMF) compliance, and Authority to Operate for new and reuse equipment.
**Position is dependent upon contract award, candidate government acceptance and pass government security investigation
Essential Duties & Responsibilities
Inventory existing systems and components and include results in the overall revised inventory for each department.
Develop an IT Systems plan that includes system capabilities and features, anticipated devices and components, reuse considerations. Include results for these systems in the VEL and ROM Estimate.
Develop detailed cybersecurity requirements to be used in the future to comply with NIH requirements for cybersecurity certification, Risk Management Framework compliance, and Authority to Operate for new and reuse equipment.
Coordinate with NIH CC DCRI and CIT to collect and review current NIH procedures for meeting cybersecurity requirements, Risk Management Framework (RMF) and Authority to Operate (ATO) requirements for existing and new IT systems and assets. Update and combine these results and develop a plan and process for meeting cybersecurity requirements, for use in the later IO&T task order for the SRLM facilities.
Validated Equipment List. The result of the validation process shall be a preliminary Validated Equipment List (VEL) that identifies all new and reuse equipment. The VEL shall include all new equipment required for the project, whether it is to be purchased under the future IO&T task order or by the Government, and all reuse equipment.
Completes data collection to support to include: Contractor Computer Cybersecurity Compliance Statements, System Security Plan (Draft, combination of POAM, checklist to be completed, and IV&V, Security Plan), Control System Inventory Report, Cybersecurity STIGs/SRGs (including ver. numbers) Report, Network Communication Report (PPSM), Cybersecurity Riser Diagram, Cybersecurity Interconnection Schedule, Control System Cybersecurity Documentation, etc.
Maintains responsibility for managing scope, cost, schedule, internal staffing, vendors, and contract deliverables.
Develops project plans, monitors project milestones, and generates periodic status reports reporting to stakeholders as needed.
Coordinates with end users, customers, technology vendors, project managers, and key personnel to determine technology requirements including, but not limited to, the review and validation of technology requirements, designs, and associated plans.
Meets with end users/customers to review, document, and forecast technology requirements to include reuse of existing technologies, determining replacement or purchase of new technologies and placement of technologies in new facility.
Other duties as assigned.
Education & Experience Requirements
Must be a United States Citizen.
Bachelor’s Degree in Computer Science, Information Systems, or a related subject and 3+ years of related experience OR 6+ years of related experience accepted in lieu of Bachelor's Degree.
CISSP certification (a plus but not required).
General knowledge of medical devices and IT used in a large hospital environment.
Minimum 3-years’ experience managing RMF/ATO processes in a federal healthcare-centric environment (NIH preferred).
Proven leadership, conflict resolution, and personnel management skills; work independently, part of a team and/or lead a project team.
Proficient with computer operations, Microsoft Office suite of products, to include Microsoft Project, and associated programs.
Advancia Aeronautics, LLC is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.
#J-18808-Ljbffr
Division:
AA
Location:
Bethesda, MD (Hybrid Schedule)
Position Summary
The goal of this position is to provide early clarity on information technology assets (IT) and IT systems requirements for the Surgery, Radiology & Laboratory Medicine (SRLM) Facilities, Clinical Center expansion project at the National Institutes of Health (NIH), Bethesda, MD. Specific requirements and deliverables include establishing a validated equipment list and rough order of magnitude (ROM) estimate for new IT assets and IT systems required for the project. In addition, review of the facility design for equipment infrastructure requirements; development of a detailed plan for IT systems; definition of cybersecurity requirements and other objectives. The Cybersecurity Engineer shall develop cybersecurity requirements that will aid in future SRLM Facilities planning and ensure adherence with Federal policies and NIH-specific cybersecurity requirements. Also, develop detailed cybersecurity requirements to be used in the future to comply with NIH requirements for cybersecurity certification, Risk Management Framework (RMF) compliance, and Authority to Operate for new and reuse equipment.
**Position is dependent upon contract award, candidate government acceptance and pass government security investigation
Essential Duties & Responsibilities
Inventory existing systems and components and include results in the overall revised inventory for each department.
Develop an IT Systems plan that includes system capabilities and features, anticipated devices and components, reuse considerations. Include results for these systems in the VEL and ROM Estimate.
Develop detailed cybersecurity requirements to be used in the future to comply with NIH requirements for cybersecurity certification, Risk Management Framework compliance, and Authority to Operate for new and reuse equipment.
Coordinate with NIH CC DCRI and CIT to collect and review current NIH procedures for meeting cybersecurity requirements, Risk Management Framework (RMF) and Authority to Operate (ATO) requirements for existing and new IT systems and assets. Update and combine these results and develop a plan and process for meeting cybersecurity requirements, for use in the later IO&T task order for the SRLM facilities.
Validated Equipment List. The result of the validation process shall be a preliminary Validated Equipment List (VEL) that identifies all new and reuse equipment. The VEL shall include all new equipment required for the project, whether it is to be purchased under the future IO&T task order or by the Government, and all reuse equipment.
Completes data collection to support to include: Contractor Computer Cybersecurity Compliance Statements, System Security Plan (Draft, combination of POAM, checklist to be completed, and IV&V, Security Plan), Control System Inventory Report, Cybersecurity STIGs/SRGs (including ver. numbers) Report, Network Communication Report (PPSM), Cybersecurity Riser Diagram, Cybersecurity Interconnection Schedule, Control System Cybersecurity Documentation, etc.
Maintains responsibility for managing scope, cost, schedule, internal staffing, vendors, and contract deliverables.
Develops project plans, monitors project milestones, and generates periodic status reports reporting to stakeholders as needed.
Coordinates with end users, customers, technology vendors, project managers, and key personnel to determine technology requirements including, but not limited to, the review and validation of technology requirements, designs, and associated plans.
Meets with end users/customers to review, document, and forecast technology requirements to include reuse of existing technologies, determining replacement or purchase of new technologies and placement of technologies in new facility.
Other duties as assigned.
Education & Experience Requirements
Must be a United States Citizen.
Bachelor’s Degree in Computer Science, Information Systems, or a related subject and 3+ years of related experience OR 6+ years of related experience accepted in lieu of Bachelor's Degree.
CISSP certification (a plus but not required).
General knowledge of medical devices and IT used in a large hospital environment.
Minimum 3-years’ experience managing RMF/ATO processes in a federal healthcare-centric environment (NIH preferred).
Proven leadership, conflict resolution, and personnel management skills; work independently, part of a team and/or lead a project team.
Proficient with computer operations, Microsoft Office suite of products, to include Microsoft Project, and associated programs.
Advancia Aeronautics, LLC is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.
#J-18808-Ljbffr