Technomics
Senior Cybersecurity Analyst/Engineer
Technomics, Arlington, Virginia, United States, 22201
Role & Responsibilities
Provide cybersecurity expertise to surface combat system program offices.Lead efforts to bring platform information technology systems through the full life cycle of the Risk Management Framework (RMF) process to achieve/renew Authority to Operate (ATO).Perform cybersecurity Assessment & Authorization work under the RMF guidelines including categorization, security planning, POA&M updates, review test results and assess for security control compliance, perform risk assessments, complete ATO package preparation for receipt of timely ATO.Coordinate with support team to ensure the hardening of systems under test to conforms all applicable regulations from DoD and the Defense Information Systems Agency (DISA). This includes but is not limited to Security Technical Implementation Guides (STIG), Security Requirements Guides (SRG).Work with the NAVSEA, PEO IWS, and combat system program offices to ensure DOD/DON cybersecurity regulations and best practices are followed in the design, development, and sustainment of the integrated combat systems and weapon systems.Work as a team player comfortable interacting with many different people and effective at verbal and written communication, supporting face-to-face meetings, phone, and email interactions with program leads, engineers, and team members.Advise DoD Program Offices on secure design and implementation of systems and capabilities.Identify security vulnerabilities and weaknesses in SW, HW and Architecture design for mission environments and be able to make recommended mitigations.Provide mentorship and training to team members including contractors, warfare centers, and other activities.Build briefs to convey critical information to NAVSEA decision makers including Major Program Managers, OPNAV, & Flag level.Work with Test & Evaluation leads to coordinate cyber test events to included Cyber Table Tops, Cooperative Vulnerability Assessments (CVA), and Cooperative Vulnerability Identification (CVI).Develop Tasked Planning Sheets (TPS) submitted by field activities for their cyber support for NAVSEA programs. Prioritize program requirements to ensure key tasking received adequate funding from program officeQualifications
Experience: 10+ years direct cybersecurity work, 7+ years of experience evaluating the cyber compliance of a system against current RMF and DoD Cybersecurity policiesEducation: Bachelor's Degree (BS/BA Cybersecurity Management or equivalent technical degree)Active DoD Secret clearanceKnowledge of NIST SP 800-53, DoDI 8500.01, and DoDI 8510.01.Experience working in an acquisition program office environment with documentation, protocols, formats, and deadlines.Experience working with RMF tools such as Tenable and eMASS.Desired Qualifications
DoD 8570 Information Assurance Management (IAM) II or IAT III CertificationNavy Qualified Validator (NQV)Experience working in an acquisition program office environment with documentation, protocols, formats, and deadlines.Familiarity with Navy combat systems enclaves.A working knowledge of DON, NAVSEA, and PEO IWS cyber regulations.
We are an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, age, marital status, disability or veteran status.
Provide cybersecurity expertise to surface combat system program offices.Lead efforts to bring platform information technology systems through the full life cycle of the Risk Management Framework (RMF) process to achieve/renew Authority to Operate (ATO).Perform cybersecurity Assessment & Authorization work under the RMF guidelines including categorization, security planning, POA&M updates, review test results and assess for security control compliance, perform risk assessments, complete ATO package preparation for receipt of timely ATO.Coordinate with support team to ensure the hardening of systems under test to conforms all applicable regulations from DoD and the Defense Information Systems Agency (DISA). This includes but is not limited to Security Technical Implementation Guides (STIG), Security Requirements Guides (SRG).Work with the NAVSEA, PEO IWS, and combat system program offices to ensure DOD/DON cybersecurity regulations and best practices are followed in the design, development, and sustainment of the integrated combat systems and weapon systems.Work as a team player comfortable interacting with many different people and effective at verbal and written communication, supporting face-to-face meetings, phone, and email interactions with program leads, engineers, and team members.Advise DoD Program Offices on secure design and implementation of systems and capabilities.Identify security vulnerabilities and weaknesses in SW, HW and Architecture design for mission environments and be able to make recommended mitigations.Provide mentorship and training to team members including contractors, warfare centers, and other activities.Build briefs to convey critical information to NAVSEA decision makers including Major Program Managers, OPNAV, & Flag level.Work with Test & Evaluation leads to coordinate cyber test events to included Cyber Table Tops, Cooperative Vulnerability Assessments (CVA), and Cooperative Vulnerability Identification (CVI).Develop Tasked Planning Sheets (TPS) submitted by field activities for their cyber support for NAVSEA programs. Prioritize program requirements to ensure key tasking received adequate funding from program officeQualifications
Experience: 10+ years direct cybersecurity work, 7+ years of experience evaluating the cyber compliance of a system against current RMF and DoD Cybersecurity policiesEducation: Bachelor's Degree (BS/BA Cybersecurity Management or equivalent technical degree)Active DoD Secret clearanceKnowledge of NIST SP 800-53, DoDI 8500.01, and DoDI 8510.01.Experience working in an acquisition program office environment with documentation, protocols, formats, and deadlines.Experience working with RMF tools such as Tenable and eMASS.Desired Qualifications
DoD 8570 Information Assurance Management (IAM) II or IAT III CertificationNavy Qualified Validator (NQV)Experience working in an acquisition program office environment with documentation, protocols, formats, and deadlines.Familiarity with Navy combat systems enclaves.A working knowledge of DON, NAVSEA, and PEO IWS cyber regulations.
We are an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, age, marital status, disability or veteran status.