Senior Systems Engineer - Cybersecurity Programs Job at ANSER in Alexandria
ANSER, Alexandria, VA, US, 22350
Job Description
Company Overview:
ANSER enhances national and homeland security by strengthening public institutions. We provide thought leadership for complex issues through independent analysis, and we deliver practical, useful solutions. ANSER values collaboration, integrity, and initiative and we are client focused in all that we do. Because we were established for the purpose of public service and not for profit, we measure our success in the impact of our service.
Position Overview:
ANSER is seeking a Senior Systems Engineer to support a federal program in cybersecurity planning, analysis, development, and promulgation of cybersecurity strategies. In this role you will provide engineering support, technical and analytical cybersecurity research, compliance and verification program support and Information Security Continuous Monitoring (ISCM) support.
Day to Day Responsibilities:
- Provide Cybersecurity (CS) Engineering Review Group Governance Board secretariat functions for the monthly community meetings to address technical CS challenges of major DoD systems, networks and interconnections; Non-classified Internet Protocol (IP) Router Network (NIPRNet) hardening subject matter expertise (SME) for the Department.
- Research and maintain relevant statistics regarding NIPRNet hardening projects and provide input to scorecard efforts; prepare responses to queries on CS engineering principles from the White House, Congressional Staffs, Defense Science Board, DoD Inspector General, Government Performance and Results Act and Freedom for Information Act Information
- Manage tasks and activities of the Cyber Security Mission Support of Defense Industrial Base Technical Architecture Working Group
- Support requests for information and data; and day-to-day technical CS engineering support for critical mission infrastructure protection and safe information sharing with foreign partner cross domain connection requirements.
- Provide CS technical and analytical research and support for strategies, policies, and capabilities, funding and budgeting, and associated management methodologies.
- Provide metrics, cybersecurity, secure and resilient architectures, cyber technologies, and risk assessment methodologies. Support the integration of these methodologies and associated services into measurement tools mapped to actionable and measurable CS metrics, emphasizing the National Institute of Standards and Technology (NIST) security controls and Risk Management Framework.
- Provide robust cyber analytics enabling informed, timely, effective, and accurate enterprise assessments for cyber and information technology portfolios and capabilities.
- Support the implementation and use of metrics and enterprise scorecards to track and analyze implementation and execution of DoD CS objectives, as defined by DoD CS strategies, policies.
- Identify and aggregate all major CS metrics efforts within the Department; support collaboration among major metrics efforts; leverage academic and industry experts; create and maintain dashboards to house, aggregate, and display data; support community collaboration and teaming through meetings and working group.
- Assist with implementing business transformation, portfolio management, or decision support methods, processes, and tools, to include measuring the execution and performance of the Department’s cybersecurity programs.
- Support plans and programs activities including CS portfolio management/focus team/issue paper support; program review support; responses to Congressional, Inspectors General, and other stakeholders' reports and audits; Legislative, Executive, and other Federal document review support, and Computer Network Defense oversight activities.
- Support the design of a DoD CS compliance and verification program, and research new and innovative means to measure and improve DoD CS compliance.
- Support the development of data collection plans, identification of appropriate data elements, analysis and recommendation of technology solutions for compliance monitoring and reporting, pilot compliance initiatives and automation, and development of efficient automated assessment and reporting plans that leverage Security Content Automation Protocol standards.
- Provide subject matter expertise in the institutionalization of Continuous Monitoring across the DoD including providing a consistent set of analytics to inform defensive cyber operation activities in the areas of cyber situational awareness, CS risk scoring, risk management decisions, and business decisions related to license and software management.
- Assist with development of a number of ISCM artifacts, to include the ISCM Strategy, ISCM Implementation Plan, ISCM Data Strategy, and will also participate in an analysis of current federal risk scoring strategies and proposals for potential improvements to DoD CS risk scoring consistent with the NIST Common Vulnerability Scoring methodology and other federal requirements.
- Assist with improving the foundation of the current ISCM program to include the development of an ISCM roadmap; high level reference architecture; and ISCM capability portfolio based upon DoD Components’ tools and technologies. Work with DISA on enterprise capabilities within the Secure Content Management, Electronic Digital Management System, and Analytic portfolio periodic assessments.
- Assist with development and implementation tracking of DoD specific guidance supporting ISCM implementation throughout the Department and assist with the development and transfer of ISCM requirements from DoD CIO to DISA for integration into the ISCM baseline.
- Support the Federal CIO Council's Continuous Monitoring Working Group and prepare documentation and briefings for delivery to senior DoD and Federal Community officials on the status of DoD ISCM processes, procedures, and issues.
Required Qualifications:
- Active TS/SCI Clearance
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity related field
- Ten (10) or more years progressive relevant experience providing government or defense agencies decision support, analysis, technical program support related to cybersecurity and/or systems engineering and supporting cybersecurity, technology programs.
- Demonstrated understanding and knowledge of cybersecurity standards and policies.
Preferred Qualifications:
- Knowledge of Department of Defense (DoD) acquisition programs, systems and infrastructure.
- Previous experience presenting or briefing high level stakeholders, military officials and policy makers.
- Cybersecurity Certification such as CISSP or other relevant certification.
In compliance with the Americans with Disabilities Act Amendment Act (ADA), if you have a disability and would like to request an accommodation in order to apply for a position with ANSER, please call 703-416-2000 or e-mail Recruiting@anser.org
ANSER is proud to be an Equal Opportunity Employer. We seek individuals from a broad variety of backgrounds with varying levels of experience who have a desire to do meaningful work. We recruit, employ, train, compensate, and promote regardless of race, color, gender, religion, national origin, ancestry, disability, age, veteran status, sexual orientation, or any other characteristic protected by law.