Schubringglobal
Cybersecurity Engineer (RMF/ATO)
Schubringglobal, Sterling, Virginia, United States, 22170
SGS was founded in 2013 to provide elite security consulting to forward-thinking organizations. Our customers recognize that security is not a commodity and requires the best advice possible for the best value.Our approach is straightforward. Our team has been on both sides of the table, and we firmly believe in treating our customers the way we would expect to be treated. Every member of our team embraces our core values. We will not compromise our integrity, and we will only act in our customers' best interests.As security practitioners, we embrace the impact of our actions and recommendations on our customers and their people. We operate as trusted partners…because that is what we are.We are seeking a Cybersecurity Engineer to become a valued member of our team supporting a government client. The work entails conducting assessments related to RMF and other standards to ensure the client maintains an ATO.Key Responsibilities:Working as a member of the design team to ensure cybersecurity is built into the system.Performing the technical hardening and documentation of the system.Conducting cybersecurity hardening activities (system patching, updating (applications, OSs, firmware, antivirus, etc.), applying Secure Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs), and any other secure configuration requirements.Applying all applicable Defense Information System Agency (DISA) STIGs and SRGs to all system components. This includes all OS, Firmware, Group Policy, Domain, Network, and Application-Specific STIGs/SRGs.Using the automated Security Content Automation Protocol (SCAP) tool to evaluate STIG/SRG compliance.Completing STIG/SRG checklists for system components.Conducting vulnerability scans using Nessus (ensuring ACAS compatibility).Developing documentation to support the project (e.g. Implementation Plan, Security Controls, diagrams, and anything related to the RMF/RMF AO package).Required Degree/Certifications:5 years with BS/BA; 3 years with MS/MA; 0 years with PhDPossess one of the following certifications: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSPRequired Experience:Five years of cybersecurity experience in performing system hardening.Demonstrated experience with performing STIG implementation.Demonstrated experience performing vulnerability assessments with the Nessus and Assured Compliance Assessment Solution (ACAS) compliant scans.Demonstrated experience remediating vulnerability findings to include implementing vendor patches on both Linux and Windows Operating Systems.Other Requirements:Travel up to 50%Be willing to submit to a government suitability investigation.Familiarity with the following:
UFC 4-010-06 Cybersecurity of Facility-Related Control SystemsAR 25-2 Army CybersecurityAR 190-51 Security of Unclassified Army ResourcesDoD Directive 8140.01 Cyberspace Workforce ManagementDoD Instruction 8500.01, CybersecurityDoD Instruction 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT)Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIGs)
Have completed, or willing to complete Antiterrorism/Operations Security (AT/OPSEC)Other:Travel: 50%Location: Sterling, Virginia (On-Site)Job Type: Full timeCareer Level: Mid-careerCategory: EngineeringExemption Type: ExemptUnited States Citizenship is RequiredSecurity Clearance: Must successfully pass a company background check.SGS is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, national origin, age, protected veteran status, or disability status.The pay range for this role is:95,000 - 100,000 USD per year (Sterling, VA)
#J-18808-Ljbffr
UFC 4-010-06 Cybersecurity of Facility-Related Control SystemsAR 25-2 Army CybersecurityAR 190-51 Security of Unclassified Army ResourcesDoD Directive 8140.01 Cyberspace Workforce ManagementDoD Instruction 8500.01, CybersecurityDoD Instruction 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT)Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIGs)
Have completed, or willing to complete Antiterrorism/Operations Security (AT/OPSEC)Other:Travel: 50%Location: Sterling, Virginia (On-Site)Job Type: Full timeCareer Level: Mid-careerCategory: EngineeringExemption Type: ExemptUnited States Citizenship is RequiredSecurity Clearance: Must successfully pass a company background check.SGS is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, national origin, age, protected veteran status, or disability status.The pay range for this role is:95,000 - 100,000 USD per year (Sterling, VA)
#J-18808-Ljbffr