Logo
Gridiron IT

Cyber Security Engineer Job at Gridiron IT in Washington

Gridiron IT, Washington, DC, United States


GridIron IT is seeking a Cybersecurity Engineer local to Ft Belvoir VA.


Active Secret Clearance


Salary Range: $155,000.00- $160,000.00


Overview:

Serve as a cyber subject matter expert and advisor to the ECMA. Provide cyber system architecture and engineering expertise, technical advice, develop and review cyber security policy and threat models and support expanding CSSP offerings and C5ISR efforts. Support the Risk Management Framework Cloud (RMFc) process, assist in developing RMFc documentation for customers and application owners across all Cloud service models and shared services. Review and make recommendations of customer RMFc documentation as required and assist the authorizing official (AO) with the certification of all Army cloud instantiations. Provide support to streamline inheritable controls from the Cloud Service provider down to Application owners. Provide recommendation process and procedures to further automate validation checks of STIGs, vulnerability detection, and static code analysis.

Support business continuity activities to include continuity planning, conducting business impact assessments, creating systems and processes of prevention and recovery to deal with potential threats to the Army. In addition to prevention, will enable on-going operations before and during service interruptions or actual execution of a disaster recovery operations. Additionally, will assist with creating spillage processes, ultimately enabling Army customers to immediately remediate.

Support data security throughout the lifecycle in cloud environments (Create, Store, Use, Share, Archive and Delete). Provide expertise in selecting relevant technical solutions to ensure data is secure within all cloud service models. In this role, provide expertise in selection and deployment of a Security Information and Event Management (SIEM) system that is user-friendly and relevant to mission-sets across the Army.


Description:

  • Experience with Incident Response and SOC operations
  • Monitoring and analysis of potential threat activity.
  • Providing engineering support, operations, and maintenance of security tools.
  • Must be able to run vulnerability and patching reports, analyze data, and respond/resolve customer support tickets relating to aforementioned tools.
  • In-depth familiarity with Systems Security Categorization, Federal Information Processing Standard (FIPS 199 & 200), Federal Information Security Management Act (FISMA) 2014, Security Assessment Plan (SAP), aggregating risk, remediation of findings, and Ports Protocols Services Management (PPSM)
  • In-depth operational and technical knowledge of security concepts including, but not limited to Security, Information, and Event Monitoring (SIEM) tools
  • Practical knowledge of security management processes including, but not limited to, risk management, security planning, IT security control implementation, testing, and logical access controls
  • Exceptional verbal and written communication skills.
  • Practical knowledge of Federal Cybersecurity – FISMA, NIST, OMB
  • Proven ability to meet schedule and performance requirements for IT Security projects
  • Serves as a subject matter expert to advise for RMF packages, strategies, and technical components to ensure compliance of NIST 800-53 security controls.
  • Assess solutions’ architectural designs for compliance with NIST 800-53 rev 5 and DOD related policies for on premise and cloud-based solutions; prepare assessment documentation.
  • Develop security artifacts to support the IA program to include System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), System Design and Installation Procedures, System User Guides, Privileged User Guides, Security Test Procedures and other documents as needed.
  • Support systems through all steps of RMF and enable Gov Client to achieve and or maintain authorities.
  • Review vulnerability scan results at the operating system (OS) and application level and work with stakeholders to architect and implement mitigations.



Requirements:

  • Bachelor’s degree in Engineering or IT related field
  • Active IAM III certification
  • 7+ years professional experience in a related field
  • 3+ years of experience in Army, DoD, or IC at the Headquarters, Department of the Army, or major command level (e.g. ARCYBER, NETCOM, 7th Signal Command, Program Executive Office) or in industry implementing similar solutions
  • Active SECRET clearance (or higher)
  • Strong working knowledge of large, complex IT environments
  • Experience implementing solutions and services in a similar sized organization
  • Expert ability to communicate effectively in both oral and written forms with all levels of staff
  • Ability to effectively present information to, and interact well with, different levels of the organization.
  • Strong technical writing expertise.
  • Ability to work well in a strong collaborative team-oriented environment.
  • Strong working knowledge of large, complex IT environments



Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.

Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.

Gridiron IT is a Women Owned Small Business (WOSB) company specializing in IT Infrastructure, Cyber & Cloud Security, Software Development, and Enterprise Support. Gridiron is an Inc. 5000 2022 recipient and Washington Business Journal Fastest Growing Companies in the Greater Washington Area for 2022. Gridiron offers a competitive benefits package to include medical, dental, vision, 401(k), life insurance, disability insurance, and pet insurance.