
Cyber Security Engineer (SME) TS clearance

LTS, Pasco, Washington, US, 99302


LTS is seeking an experienced System Assessment and Authorization/Cyber Security Engineer (SME) to lead and provide expert guidance on cybersecurity compliance and risk management processes. The SME will be responsible for ensuring that all information systems within the program meet federal security standards, including FISMA (Federal Information Security Modernization Act) and NIST (National Institute of Standards and Technology) guidelines. The ideal candidate will have extensive experience in system security assessments, developing and implementing security policies, and leading authorization processes for National Security Systems (NSS).

This program within the Department of Commerce is designed to manage and reduce the cybersecurity risks of its customers and to ensure the convergence of IT security and business objectives by integrating cybersecurity into system development lifecycles and complying with the Federal Government's Risk Management Framework (RMF). The work will be performed on-site at the DOC located at 1401 Constitution Ave, NW.

*Contingent offer upon contract award*

LTS provides trusted consulting and solutions in an increasingly complex and growing world. Our deep expertise in technology and analytics helps us serve a broad constituency of clients that range from cabinet-level departments of the U.S. Government to the largest Federal IT contractors in the world.

LTS is a leading information technology (IT) provider for mission critical systems leveraging the latest technologies to deliver innovative solutions from small mobile applications to large, complex enterprise applications. Our professionals specialize in multiple disciplines including program management, system integration, system design, system development, cybersecurity, infrastructure, and data analytics.

Responsibilities:

- Provide cybersecurity subject matter expertise to NSS(s)
- Ensure compliance with FISMA, NIST, and other federal cyber security requirements.
- Lead the development and execution of Security Assessment and Authorization (SA&A) activities, ensuring compliance with NIST 800-37 and other relevant frameworks.
- Conduct comprehensive security assessments of information systems, identifying vulnerabilities, and recommending mitigation strategies.
- Develop and maintain security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plans of Action and Milestones (POA&Ms).
- Develop and support the ongoing authorization (OA) process for assigned systems including continuous monitoring.
- Assist with managing and executing tasks within eMASS, including security assessments, POA&Ms.
- Draft document, review and provide feedback on application of security requirements.
- Review and provide recommendations for POA&Ms closure to the NSS, as part of Independent Verification & Validation (IV&V).
- Coordinate with system owners, ISSOs (Information System Security Officers), and other stakeholders to ensure the successful authorization of systems.
- Provide expert advice on cyber security best practices, risk management, and threat mitigation techniques.
- Stay abreast of emerging cyber threats and security trends to enhance the organization's security posture.
- Support the development and implementation of security policies, standards, and procedures in alignment with federal guidelines.
- Lead efforts to achieve and maintain the Authority to Operate (ATO) for information systems.
- Mentor and guide junior cyber security professionals within the organization.
- Develop and deliver training on security assessment and authorization processes, tools, and best practices.
- Collaborate with cross-functional teams, including IT, operations, and legal, to integrate security into all aspects of the system lifecycle.
- Prepare and present reports on the security status of systems to senior leadership and external auditors.
- Manage and optimize vulnerability management processes and tools such as Tenable SC.

Requirements:

- Must hold at least a Master of Science (MS) or a Master of Arts (MA) degree in Cyber Security, Information Technology, Computer Science, or a related field or eight (8) years of experience.
- Must have a minimum of five (5) years of experience conducting security assessment authorization and Authorization to Operate (ATO).
- Minimum of three (3) years of experience with Governance, Risk Management and Compliance (GRC) Tool, eMASS.
- Certification: CISSP or CISM
- Active Top Secret / SCI eligible clearance.
- In-depth knowledge of FISMA, NIST 800-53, NIST 800-37, RMF (Risk Management Framework), and other relevant federal security standards.
- Proven experience leading SA&A processes and obtaining ATO for federal systems.
- Strong analytical, problem-solving, and communication skills.
- Ability to work independently and as part of a team in a fast-paced, dynamic environment.

Desired Skills:

- Experience working within the U.S. Department of Commerce or similar federal agencies.
- Familiarity with cloud security frameworks and federal cloud security requirements (e.g., FedRAMP).
- Experience with security tools such as Tenable Nessus, SCAP, or similar.