LTS Inc.

Cyber Security Engineer (SME) TS clearance

LTS Inc., Washington, District of Columbia, US, 20022



Location: Washington, DC

Employment Duration: Full time

Job Code: 2784

LTS is seeking an experienced System Assessment and Authorization/Cyber Security Engineer (SME) to lead and provide expert guidance on cybersecurity compliance and risk management processes. The SME will be responsible for ensuring that all information systems within the program meet federal security standards, including FISMA (Federal Information Security Modernization Act) and NIST (National Institute of Standards and Technology) guidelines. The ideal candidate will have extensive experience in system security assessments, developing and implementing security policies, and leading authorization processes for National Security Systems (NSS).

This program within the Department of Commerce is designed to manage and reduce its customers' cybersecurity risks and to ensure the convergence of IT security and business objectives by integrating cybersecurity into system development lifecycles and complying with the Federal Government's Risk Management Framework (RMF). The work will be performed on-site at the DOC, located at 1401 Constitution Ave, NW.

*Contingent offer upon contract award*

Responsibilities:

Provide cybersecurity subject matter expertise to NSS(s).

Ensure compliance with FISMA, NIST, and other federal cybersecurity requirements.

Lead the development and execution of Security Assessment and Authorization (SA&A) activities, ensuring compliance with NIST 800-37 and other relevant frameworks.

Conduct comprehensive security assessments of information systems, identifying vulnerabilities, and recommending mitigation strategies.

Develop and maintain security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plans of Action and Milestones (POA&Ms).

Develop and support the ongoing authorization (OA) process for assigned systems including continuous monitoring.

Assist with managing and executing tasks within eMASS, including security assessments and POA&Ms.

Draft documents, review, and provide feedback on the application of security requirements.

Review and provide recommendations for POA&M closure to the NSS, as part of Independent Verification & Validation (IV&V).

Coordinate with system owners, ISSOs (Information System Security Officers), and other stakeholders to ensure the successful authorization of systems.

Provide expert advice on cybersecurity best practices, risk management, and threat mitigation techniques.

Stay abreast of emerging cyber threats and security trends to enhance the organization’s security posture.

Support the development and implementation of security policies, standards, and procedures in alignment with federal guidelines.

Lead efforts to achieve and maintain the Authority to Operate (ATO) for information systems.

Mentor and guide junior cybersecurity professionals within the organization.

Develop and deliver training on security assessment and authorization processes, tools, and best practices.

Collaborate with cross-functional teams, including IT, operations, and legal, to integrate security into all aspects of the system lifecycle.

Prepare and present reports on the security status of systems to senior leadership and external auditors.

Manage and optimize vulnerability management processes and tools such as Tenable SC.

Requirements:

Must hold at least a Master of Science (MS) or a Master of Arts (MA) degree in Cyber Security, Information Technology, Computer Science, or a related field, or eight (8) years of experience.

Must have a minimum of five (5) years of experience conducting security assessment and authorization and Authorization to Operate (ATO) activities.

Minimum of three (3) years of experience with the Governance, Risk Management and Compliance (GRC) tool eMASS.

Certification: CISSP or CISM.

In-depth knowledge of FISMA, NIST 800-53, NIST 800-37, RMF (Risk Management Framework), and other relevant federal security standards.

Proven experience leading SA&A processes and obtaining ATO for federal systems.

Strong analytical, problem-solving, and communication skills.

Ability to work independently and as part of a team in a fast-paced, dynamic environment.

Desired Skills:

Experience working within the U.S. Department of Commerce or similar federal agencies.

Familiarity with cloud security frameworks and federal cloud security requirements (e.g., FedRAMP).

Experience with security tools such as Tenable Nessus, SCAP, or similar.

LTS is committed to offering eligible employees comprehensive benefits that will provide them with options intended to meet their needs and the needs of their family.

LTS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
