Naval Supply Systems Command
Cybersecurity Engineer
Naval Supply Systems Command, Virginia Beach, Virginia, us, 23450
Summary
The Cybersecurity Engineer performs a variety of security related tasks, including the development and implementation of system information security standards and procedures. They ensure that information systems (IS) are functional and secure within the network environment.
This job is open to
The public
U.S. Citizens, Nationals or those who owe allegiance to the U.S. Duties
Incumbents of this position must be U.S. Citizens.
Responsibilities include:
Provides NEXCOM cybersecurity support, by performing full package analysis of all IT systems, as defined by the Navy Risk Management Framework (RMF) guide. Uses comprehensive knowledge of information systems security principles and methods and the requirements for assessment and authorization to provide technical leadership in reassessment of installed systems. Applies knowledge and skills of information systems security principles and methods, the requirements for assessment and authorization of systems testing and evaluation, and performance management methods to conduct security authorizations for installed systems and/or networks, as well as reassessments of installed systems. Interviews the Information Technology (IT) owner to obtain system or site information.Independently uses this and other available information to evaluate security features of the IT system or site being assessed and authorized.Extensively work with system-level program teams throughout the system lifecycle to ensure they meet DoD 8500 series. Documents A&A information in the Comprehensive RMF package ensuring internal consistency of the information while ensuring no omissions. Provides clear and detailed technical feedback on potential risks affecting the systems vulnerability footprint and recommended courses of action to mitigate or consider other options to meet mission requirements while preserving or improving the security postures. Responsible for continuous monitoring of the system's security posture to ensure ongoing compliance and the timely detection of security issues after authorization, as necessary. Develops Security Assessment Plan (SAP). Uses CS tools in development of test plans, including Defense Information System Agency (DISA) Security Test Implementation Guides (STIGs), vulnerability scanners (e.g., SCCVI/SCRI, ACAS), and other tools.Recommends mitigation measures to reduce risk. Capable of going off test procedure scripts to extensively test a possible discrepancy that the test procedures may not fully identify. Notes unmitigated discrepancies, documents countermeasures that are in place, and documents a POA&M for addressing open risk/residual risk items. Utilizes FedRAMP, PCI, and other third party package authorizations for reciprocity and use within the NEXCOM organization. Ensures effective implementation of organizational information systems, security regulations, policies and maintaining compliance with higher level requirements.Ability to identify system components, develop and maintain diagrams, assesses risks, determines security modes of operation, and recommends new or revised security measures and countermeasures. Keeps supervisors up to date on all assignments. Performs other related duties as assigned. Requirements
Conditions of Employment
Key Requirements Candidate must meet all qualification requirements by the closing date of this announcement. A one-year probationary period will be required upon selection. Social Security Card must be presented at time of appointment. If you are selected for this position, the documentation that you present for purposes of completing the Department of Homeland Security (DHS) Form I-9 will be verified through the DHS E-verify system. Federal Law requires verifying eligibility of all new hires. The Navy Exchange Service Command is an E-Verify Participant. Incumbents of this position must be U.S. Citizens. Candidates/Incumbent must be eligible for and obtain a Secret Clearance.
Other Requirements
Must be US Citizen.
SECNAV M-5239.2, DoN, Information Assurance (IA) Workforce Manual requires incumbents of this position to possess and maintain current, two types of certifications as follows:
Certified in Governance Risk and Compliance (CGRC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP+), GIAC Security Leadership Certification (GSLC). Technical Certification: Operating System/Computing Environment (OS/CE) certificate of training as dictated by Supervisor and approved by Command Cyber IT/CSWF-PM. Candidate is also required to sign a Privileged Access Agreement.
Candidates without the required certification may be placed into this job but must obtain the required certification within 6 months of appointment; failure to obtain this requirement will result in termination of employment.
This position in accordance with SECNAV M-5510.30 will require a favorable Single Scope Background Investigation (SSBI).
Candidates without the required certification may be placed into this job but must obtain the required certification within 6 months of appointment; failure to obtain this requirement will result in termination of employment.
This position in accordance with SECNAV M-5510.30 will require a favorable Single Scope Background Investigation (SSBI).
Qualifications
A total of 7 years of experience, consisting of the following:
Qualified candidates must be U.S. Citizens.
GENERAL EXPERIENCE: 3 years' experience in security, technical or investigative work which demonstrated the ability and aptitudes required to perform technical, managerial or analytical work involving management information systems.
OR
SUBSTITUTION OF EXPERIENCE FOR EDUCATION: One year of related academic study above the high school level may be substituted for 9 months of experience up to a maximum of a 4 year bachelor's degree in IT security or computer information systems for 3 years of general experience.
AND
SPECIALIZED EXPERIENCE: 4 years of experience in at least two of the following:
Technical analysis for infrastructure architecture; IT security compliance and reporting; Technical risk analysis; and Authorization and accreditation. This position is designated in accordance with SECNAV M-5510.30 and will require a favorable Access National Agency Check and Inquiries (ANACI).
Candidates must be eligible for and obtain a Secret Clearance, within 6 months of appointment. Failure to obtain will result in termination.
Education
4-year bachelor's degree in a related field preferred.
Additional information
Benefits
2024 Virtual Benefits Fair:
https://www.virtualfairhub.com/Nexcom/public/welcome.
Retirement Video:
https://vimeo.com/892701134/032227107c?share=copy.
Benefits
Review our benefits How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
Your qualifications will also be evaluated on the Minimum Qualification Requirements as described in your profile and resume.Credit will be given for appropriate paid and unpaid experience or volunteer work.
Benefits
Review our benefits Required Documents
As a new or existing federal employee, you and your family may have access to a range of benefits. Your benefits depend on the type of position you have - whether you're a permanent, part-time, temporary or an intermittent employee. You may be eligible for the following benefits, however, check with your agency to make sure you're eligible under their policies.
To apply for this position, you must provide a complete Application package which includes:
a) Your Resume.
b) Completion of Automated Application.
c) Any documents you wish to be reviewed.
If you are relying on your education to meet qualification requirements:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating. How to Apply
Applicants must apply online via the Navy Exchange website, https://www.mynavyexchange.com/nex/work-for-us, and click "Work for Us."
To apply, please access our website by clicking on the link below and search for job number
240002WX
https://nexcom.taleo.net/careersection/.nexcom_ext_prof_cs/jobdetail.ftl?job=240002WX&tz=GMT-04%3A00&tzname=America%2FNew_York.
Agency contact information
Human Resources
Email
nexcom.jobs@NEXWEB.ORG
Address
Navy Exchange Service Command - NEXCOM
3280 Virginia Beach Boulevard
Virginia Beach, VA 23452
US
Next steps
After we receive your complete application package, your qualifications will be reviewed. You may follow the status of your application through the automated hiring system. Only those candidates chosen for an interview will be contacted.
Fair and Transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
Criminal history inquiries Equal Employment Opportunity (EEO) Policy Financial suitability New employee probationary period Privacy Act Reasonable accommodation policy Selective Service Signature and false statements Social security number request
Required Documents
To apply for this position, you must provide a complete Application package which includes:
a) Your Resume.
b) Completion of Automated Application.
c) Any documents you wish to be reviewed.
If you are relying on your education to meet qualification requirements:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
How to Apply
Applicants must apply online via the Navy Exchange website, https://www.mynavyexchange.com/nex/work-for-us, and click "Work for Us."
To apply, please access our website by clicking on the link below and search for job number
240002WX
https://nexcom.taleo.net/careersection/.nexcom_ext_prof_cs/jobdetail.ftl?job=240002WX&tz=GMT-04%3A00&tzname=America%2FNew_York.
Agency contact information
Human Resources
Email
nexcom.jobs@NEXWEB.ORG
Address
Navy Exchange Service Command - NEXCOM
3280 Virginia Beach Boulevard
Virginia Beach, VA 23452
US
Next steps
After we receive your complete application package, your qualifications will be reviewed. You may follow the status of your application through the automated hiring system. Only those candidates chosen for an interview will be contacted. Fair & Transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
Criminal history inquiries Equal Employment Opportunity (EEO) Policy Financial suitability New employee probationary period Privacy Act Reasonable accommodation policy Selective Service Signature and false statements Social security number request
The Cybersecurity Engineer performs a variety of security related tasks, including the development and implementation of system information security standards and procedures. They ensure that information systems (IS) are functional and secure within the network environment.
This job is open to
The public
U.S. Citizens, Nationals or those who owe allegiance to the U.S. Duties
Incumbents of this position must be U.S. Citizens.
Responsibilities include:
Provides NEXCOM cybersecurity support, by performing full package analysis of all IT systems, as defined by the Navy Risk Management Framework (RMF) guide. Uses comprehensive knowledge of information systems security principles and methods and the requirements for assessment and authorization to provide technical leadership in reassessment of installed systems. Applies knowledge and skills of information systems security principles and methods, the requirements for assessment and authorization of systems testing and evaluation, and performance management methods to conduct security authorizations for installed systems and/or networks, as well as reassessments of installed systems. Interviews the Information Technology (IT) owner to obtain system or site information.Independently uses this and other available information to evaluate security features of the IT system or site being assessed and authorized.Extensively work with system-level program teams throughout the system lifecycle to ensure they meet DoD 8500 series. Documents A&A information in the Comprehensive RMF package ensuring internal consistency of the information while ensuring no omissions. Provides clear and detailed technical feedback on potential risks affecting the systems vulnerability footprint and recommended courses of action to mitigate or consider other options to meet mission requirements while preserving or improving the security postures. Responsible for continuous monitoring of the system's security posture to ensure ongoing compliance and the timely detection of security issues after authorization, as necessary. Develops Security Assessment Plan (SAP). Uses CS tools in development of test plans, including Defense Information System Agency (DISA) Security Test Implementation Guides (STIGs), vulnerability scanners (e.g., SCCVI/SCRI, ACAS), and other tools.Recommends mitigation measures to reduce risk. Capable of going off test procedure scripts to extensively test a possible discrepancy that the test procedures may not fully identify. Notes unmitigated discrepancies, documents countermeasures that are in place, and documents a POA&M for addressing open risk/residual risk items. Utilizes FedRAMP, PCI, and other third party package authorizations for reciprocity and use within the NEXCOM organization. Ensures effective implementation of organizational information systems, security regulations, policies and maintaining compliance with higher level requirements.Ability to identify system components, develop and maintain diagrams, assesses risks, determines security modes of operation, and recommends new or revised security measures and countermeasures. Keeps supervisors up to date on all assignments. Performs other related duties as assigned. Requirements
Conditions of Employment
Key Requirements Candidate must meet all qualification requirements by the closing date of this announcement. A one-year probationary period will be required upon selection. Social Security Card must be presented at time of appointment. If you are selected for this position, the documentation that you present for purposes of completing the Department of Homeland Security (DHS) Form I-9 will be verified through the DHS E-verify system. Federal Law requires verifying eligibility of all new hires. The Navy Exchange Service Command is an E-Verify Participant. Incumbents of this position must be U.S. Citizens. Candidates/Incumbent must be eligible for and obtain a Secret Clearance.
Other Requirements
Must be US Citizen.
SECNAV M-5239.2, DoN, Information Assurance (IA) Workforce Manual requires incumbents of this position to possess and maintain current, two types of certifications as follows:
Certified in Governance Risk and Compliance (CGRC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP+), GIAC Security Leadership Certification (GSLC). Technical Certification: Operating System/Computing Environment (OS/CE) certificate of training as dictated by Supervisor and approved by Command Cyber IT/CSWF-PM. Candidate is also required to sign a Privileged Access Agreement.
Candidates without the required certification may be placed into this job but must obtain the required certification within 6 months of appointment; failure to obtain this requirement will result in termination of employment.
This position in accordance with SECNAV M-5510.30 will require a favorable Single Scope Background Investigation (SSBI).
Candidates without the required certification may be placed into this job but must obtain the required certification within 6 months of appointment; failure to obtain this requirement will result in termination of employment.
This position in accordance with SECNAV M-5510.30 will require a favorable Single Scope Background Investigation (SSBI).
Qualifications
A total of 7 years of experience, consisting of the following:
Qualified candidates must be U.S. Citizens.
GENERAL EXPERIENCE: 3 years' experience in security, technical or investigative work which demonstrated the ability and aptitudes required to perform technical, managerial or analytical work involving management information systems.
OR
SUBSTITUTION OF EXPERIENCE FOR EDUCATION: One year of related academic study above the high school level may be substituted for 9 months of experience up to a maximum of a 4 year bachelor's degree in IT security or computer information systems for 3 years of general experience.
AND
SPECIALIZED EXPERIENCE: 4 years of experience in at least two of the following:
Technical analysis for infrastructure architecture; IT security compliance and reporting; Technical risk analysis; and Authorization and accreditation. This position is designated in accordance with SECNAV M-5510.30 and will require a favorable Access National Agency Check and Inquiries (ANACI).
Candidates must be eligible for and obtain a Secret Clearance, within 6 months of appointment. Failure to obtain will result in termination.
Education
4-year bachelor's degree in a related field preferred.
Additional information
Benefits
2024 Virtual Benefits Fair:
https://www.virtualfairhub.com/Nexcom/public/welcome.
Retirement Video:
https://vimeo.com/892701134/032227107c?share=copy.
Benefits
Review our benefits How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
Your qualifications will also be evaluated on the Minimum Qualification Requirements as described in your profile and resume.Credit will be given for appropriate paid and unpaid experience or volunteer work.
Benefits
Review our benefits Required Documents
As a new or existing federal employee, you and your family may have access to a range of benefits. Your benefits depend on the type of position you have - whether you're a permanent, part-time, temporary or an intermittent employee. You may be eligible for the following benefits, however, check with your agency to make sure you're eligible under their policies.
To apply for this position, you must provide a complete Application package which includes:
a) Your Resume.
b) Completion of Automated Application.
c) Any documents you wish to be reviewed.
If you are relying on your education to meet qualification requirements:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating. How to Apply
Applicants must apply online via the Navy Exchange website, https://www.mynavyexchange.com/nex/work-for-us, and click "Work for Us."
To apply, please access our website by clicking on the link below and search for job number
240002WX
https://nexcom.taleo.net/careersection/.nexcom_ext_prof_cs/jobdetail.ftl?job=240002WX&tz=GMT-04%3A00&tzname=America%2FNew_York.
Agency contact information
Human Resources
nexcom.jobs@NEXWEB.ORG
Address
Navy Exchange Service Command - NEXCOM
3280 Virginia Beach Boulevard
Virginia Beach, VA 23452
US
Next steps
After we receive your complete application package, your qualifications will be reviewed. You may follow the status of your application through the automated hiring system. Only those candidates chosen for an interview will be contacted.
Fair and Transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
Criminal history inquiries Equal Employment Opportunity (EEO) Policy Financial suitability New employee probationary period Privacy Act Reasonable accommodation policy Selective Service Signature and false statements Social security number request
Required Documents
To apply for this position, you must provide a complete Application package which includes:
a) Your Resume.
b) Completion of Automated Application.
c) Any documents you wish to be reviewed.
If you are relying on your education to meet qualification requirements:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
How to Apply
Applicants must apply online via the Navy Exchange website, https://www.mynavyexchange.com/nex/work-for-us, and click "Work for Us."
To apply, please access our website by clicking on the link below and search for job number
240002WX
https://nexcom.taleo.net/careersection/.nexcom_ext_prof_cs/jobdetail.ftl?job=240002WX&tz=GMT-04%3A00&tzname=America%2FNew_York.
Agency contact information
Human Resources
nexcom.jobs@NEXWEB.ORG
Address
Navy Exchange Service Command - NEXCOM
3280 Virginia Beach Boulevard
Virginia Beach, VA 23452
US
Next steps
After we receive your complete application package, your qualifications will be reviewed. You may follow the status of your application through the automated hiring system. Only those candidates chosen for an interview will be contacted. Fair & Transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
Criminal history inquiries Equal Employment Opportunity (EEO) Policy Financial suitability New employee probationary period Privacy Act Reasonable accommodation policy Selective Service Signature and false statements Social security number request