Arcfield
Cyber Systems Engineer Technical Specialist - Vulnerability Management
Arcfield, Chantilly, Virginia, United States, 22021
Overview
Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.Responsibilities
Program Description:The program provides Systems Engineering and Technical Assistance (SETA) support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.Position Description:The Vulnerability Management Division (VMD) Cyber SE provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:Support the IT vulnerability management lifecycle.Support government activities and reporting to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC)Assess and manage the implementation of identified corrections associated with high visibility technical vulnerabilitiesUsing several database sources, collect the necessary metrics to develop and deliver a periodic Cyber Vulnerabilities Metrics ReportDevelop and deliver asset vulnerability views for categories such as mission, cross domain, and location, as required by the customerDevelop cyber vulnerability analysis for known vulnerabilities, as well as cyber-related metrics and reporting deliverablesDocument and deliver awareness notices related to cyber vulnerabilitiesDocument and deliver Government activities and reporting related to tasking and directions received from external stakeholders (i.e., USCYBERCOM, IC-SCC).Coordinate and prepare Inspector General (IG) FISMA closure requests from field reps and program Information System Security Engineers (ISSEs)Coordinate with RMF stakeholders on closure Body of Evidence (BoE) for Enterprise Vulnerability and Remediation (EVAR) tracked findingsPrepare and update slides for weekly and monthly meetingsResearch trending vulnerabilities being reported through enterprise security toolsSupport the automation of current activities with system engineers and software developers from other groups and officesEnsure divisional processes are accurately documented and kept up to dateMaintain representation of divisional activities and metrics via Confluence on a weekly basisAssist with the development of new processes and deliverables to support enterprise vulnerability analysis designed to inform the enterprise of existing vulnerabilities
Qualifications
Required:Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 6 to 8 years with Ph.DMust possess and be able to maintain a TS/SCI with PolyAble to support customer's core hours (0900-1500; Mon - Fri)DoD 8570 certification in IAT or IAMFamiliarity with the IT vulnerability management lifecycle.Excellent communications skills - Verbal and Non-VerbalStrong analytic and risk management skillsStrong attention to detail and organizational skillsExcellent communications skillsSelf-starter requiring limited direction and supervisionExperience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentationFlexibility of schedule based on customer needsDesired:Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certificationExperience supporting IT domain or IC experience with acquisition and project managementExperience briefing senior customer personnelAbility to organize and prioritize numerous customer requestsFamiliarity with customer's IA processesExperience with SNOW, Splunk and ACASFamiliarity with Cross Domain Systems (CDS)Experience supporting IC or DoD in the Cybersecurity Domain
EEO Statement
EEOArcfield proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.Responsibilities
Program Description:The program provides Systems Engineering and Technical Assistance (SETA) support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.Position Description:The Vulnerability Management Division (VMD) Cyber SE provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:Support the IT vulnerability management lifecycle.Support government activities and reporting to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC)Assess and manage the implementation of identified corrections associated with high visibility technical vulnerabilitiesUsing several database sources, collect the necessary metrics to develop and deliver a periodic Cyber Vulnerabilities Metrics ReportDevelop and deliver asset vulnerability views for categories such as mission, cross domain, and location, as required by the customerDevelop cyber vulnerability analysis for known vulnerabilities, as well as cyber-related metrics and reporting deliverablesDocument and deliver awareness notices related to cyber vulnerabilitiesDocument and deliver Government activities and reporting related to tasking and directions received from external stakeholders (i.e., USCYBERCOM, IC-SCC).Coordinate and prepare Inspector General (IG) FISMA closure requests from field reps and program Information System Security Engineers (ISSEs)Coordinate with RMF stakeholders on closure Body of Evidence (BoE) for Enterprise Vulnerability and Remediation (EVAR) tracked findingsPrepare and update slides for weekly and monthly meetingsResearch trending vulnerabilities being reported through enterprise security toolsSupport the automation of current activities with system engineers and software developers from other groups and officesEnsure divisional processes are accurately documented and kept up to dateMaintain representation of divisional activities and metrics via Confluence on a weekly basisAssist with the development of new processes and deliverables to support enterprise vulnerability analysis designed to inform the enterprise of existing vulnerabilities
Qualifications
Required:Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 6 to 8 years with Ph.DMust possess and be able to maintain a TS/SCI with PolyAble to support customer's core hours (0900-1500; Mon - Fri)DoD 8570 certification in IAT or IAMFamiliarity with the IT vulnerability management lifecycle.Excellent communications skills - Verbal and Non-VerbalStrong analytic and risk management skillsStrong attention to detail and organizational skillsExcellent communications skillsSelf-starter requiring limited direction and supervisionExperience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentationFlexibility of schedule based on customer needsDesired:Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certificationExperience supporting IT domain or IC experience with acquisition and project managementExperience briefing senior customer personnelAbility to organize and prioritize numerous customer requestsFamiliarity with customer's IA processesExperience with SNOW, Splunk and ACASFamiliarity with Cross Domain Systems (CDS)Experience supporting IC or DoD in the Cybersecurity Domain
EEO Statement
EEOArcfield proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.