SilverEdge
Cyber Security Systems Engineer - SME with Security Clearance
SilverEdge, Herndon, Virginia, United States, 22070
Cyber Security Systems Engineer - SME with Security Clearance
Overview: We are actively seeking Cyber Security Systems Engineers with a minimum of sixteen (16) years' experience. This opportunity is supporting the customer's Division level A&A projects which has several Branches within it. The A&A projects are therefore at various levels within the customer organization depending upon which team is responsible for initial development and accreditation vs. long term Operations and Maintenance support. Bachelor's or Master's Degree are preferred in one or more discipline but can be waived if previous direct ISSE support to this customer.Responsibilities:
Possess multi–tasking skills, as well as be a good communicator/facilitator.Comfortable at all levels from developer to senior staff.Knowledge of the complex network environments involving shared networks and multiple security enclaves.Possess the ability to bridge the technical implementation (i.e. developer talk) into commonly understood security terms.Document the various security control implementations and gather artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for various Assessment and Authorization (A&A) efforts.Document and obtain a general understanding of the architecture being developed or that was developed for each project to write the Systems Security Plans (SSP)/CONOPS in the Greenlight application.Gather information by working with various team members to write additional A&A related documents such as Contingency Plan (CP), General User Guide (GUG), Privileged User Guide (PUG), Standard Operating Procedures (SOP's), etc.Support Accreditation and Authorization (A&A) reviews by ISSO/M, as well as the Security Controls Assessor (SCA).Document the Plans of Actions and Milestones (POA&Ms) implementation responses or mitigations, and provide all required artifacts.Coordinate with various contractor and staff personnel to obtain the A&A content, and work with various customer security organizations to navigate the customer's A&A process to achieve Authority to Develop (ATD), Interim Authority to Operation (IATT), and Authority to Operate (ATO).Keep track of where each of the various A&A projects are within the customer's A&A process to know when it's time to re–submit for accreditation or an accreditation extension.Preferred Education, Experience, & Skills:
Previous ISSE experience directly supporting the customer.Previous ISSO experience directly supporting the customer is also helpful.Various security tools and reports such as Greenlight, RoadRunner, Rapid 7, WebInspect, App Detective, and Splunk.Public, private and hybrid Cloud experience (AWS, Microsoft Azure, etc.).Virtualization experience (VDI & VMWare).Basic knowledge is helpful, but not required for the following general topics: Cloud security control implementation, PKI implementation, STIG compliance and vulnerability management, and Security Development and Operations (SecDevOps).CISSP, or GSLC.AWS Certified Security Specialty.Basic Excel and Microsoft Office365.Security Clearance:
Active, in–scope US Government issued Top Secret Clearance w/ FS Poly. Due to the nature of the work and contract requirements, US Citizenship is required.
#J-18808-Ljbffr
Overview: We are actively seeking Cyber Security Systems Engineers with a minimum of sixteen (16) years' experience. This opportunity is supporting the customer's Division level A&A projects which has several Branches within it. The A&A projects are therefore at various levels within the customer organization depending upon which team is responsible for initial development and accreditation vs. long term Operations and Maintenance support. Bachelor's or Master's Degree are preferred in one or more discipline but can be waived if previous direct ISSE support to this customer.Responsibilities:
Possess multi–tasking skills, as well as be a good communicator/facilitator.Comfortable at all levels from developer to senior staff.Knowledge of the complex network environments involving shared networks and multiple security enclaves.Possess the ability to bridge the technical implementation (i.e. developer talk) into commonly understood security terms.Document the various security control implementations and gather artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for various Assessment and Authorization (A&A) efforts.Document and obtain a general understanding of the architecture being developed or that was developed for each project to write the Systems Security Plans (SSP)/CONOPS in the Greenlight application.Gather information by working with various team members to write additional A&A related documents such as Contingency Plan (CP), General User Guide (GUG), Privileged User Guide (PUG), Standard Operating Procedures (SOP's), etc.Support Accreditation and Authorization (A&A) reviews by ISSO/M, as well as the Security Controls Assessor (SCA).Document the Plans of Actions and Milestones (POA&Ms) implementation responses or mitigations, and provide all required artifacts.Coordinate with various contractor and staff personnel to obtain the A&A content, and work with various customer security organizations to navigate the customer's A&A process to achieve Authority to Develop (ATD), Interim Authority to Operation (IATT), and Authority to Operate (ATO).Keep track of where each of the various A&A projects are within the customer's A&A process to know when it's time to re–submit for accreditation or an accreditation extension.Preferred Education, Experience, & Skills:
Previous ISSE experience directly supporting the customer.Previous ISSO experience directly supporting the customer is also helpful.Various security tools and reports such as Greenlight, RoadRunner, Rapid 7, WebInspect, App Detective, and Splunk.Public, private and hybrid Cloud experience (AWS, Microsoft Azure, etc.).Virtualization experience (VDI & VMWare).Basic knowledge is helpful, but not required for the following general topics: Cloud security control implementation, PKI implementation, STIG compliance and vulnerability management, and Security Development and Operations (SecDevOps).CISSP, or GSLC.AWS Certified Security Specialty.Basic Excel and Microsoft Office365.Security Clearance:
Active, in–scope US Government issued Top Secret Clearance w/ FS Poly. Due to the nature of the work and contract requirements, US Citizenship is required.
#J-18808-Ljbffr