OSC Edge
Cyber Security Engineer
OSC Edge, Augusta, Georgia, United States, 30910
As the Cyber Security Engineer, the candidate will perform tasks related to Assessment & Authorization (A&A) to ensure assigned DoD, DoA systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. In this role, the Cyber Security Engineer will conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs. Additionally, the individual will serve as regulations and Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerability, as well as non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.
#LI-DNI
Responsibilities
Develops RMF accreditation artifact documentation to include Risk Assessment Report (RAR), Information Security Continuous Monitoring (ISCM) Strategy, Security Authorization Package, engineering documentation, network drawings, and related documentation as required by DoD and DoN accreditation standardsDevelops, maintains, and monitors the necessary artifacts for A&A package submission to receive ATC, ATT, and ATO certificationsReviews weekly CND vulnerability scans utilizing DoD/DoA mandated practices and software utilitiesConducts FISMA assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI, 1253 and the Cybersecurity StrategyPrepare daily, weekly, and monthly reports detailing task and responsibility statusDevelops, reviews, and maintains RMF artifacts for RMF complianceSupports Cybersecurity Test & Evaluation (CT&E) or Developmental Test & Evaluation (DT&E) activities of system security engineering and program protection activitiesDrafts authorization artifacts in accordance with customer requirementsMonitors and executes compliance as defined by VRAM for the DoAUpdates and validates policies, processes, and SOPs, in accordance with DoA and DoD policies and regulationsProvides IT Security Incident Response support services and reports all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reportsPerforms system categorization; selects, tailors security controls, implements, and tests security controlsAttends and leads meetings and works in collaborative a team environment to provide network stability and continuityPerforms other tasks as required by OSC and the Government contracting officeRequired Qualifications/Education and Experience
High School diploma or equivalentMinimum of four (4) years of hands-on experience in the IT/Communications Security environmentMust have and maintain a Secret personnel clearance or higher and be eligible for a TS/SCIMust be DoD 8570 certified at the IAM-II levelMust have at minimum (2) years' experience with DoA, DoD RMF process; must have completed full DoD RMF accreditation package from start to ATOMust have strong working experience with eMASS and experience in the development of Assessment and Authorization plans.In depth understanding of computer security, Department of Army, and DoD cyber security policiesPrior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), other DoA, and DoD cybersecurity toolsStrong ability to communicate clearly and succinctly in written and oral presentationsPrior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement drivenHave knowledge in network, physical, systems, and application security practicesMust be familiar with intrusion detection and prevention measures and practicesMust be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, HBSS, ACAS, Nessus, ARCSIGHT and SIEMsFamiliarity with DoD, NIST, RMF and FedRAMP processesExcellent written and verbal communication skillsExperience running ACAS scansKnowledge of multiple architectures: Cisco, Linux, Windows, and VMWarePreferred Qualifications/Education and Experience
Bachelor's degree (preferably in Information Technology, Information Management, or Cyber Security)Certified Information Systems Security Professional (CISSP) certificationExperience with SIEMs
Equal Employment Opportunity/M/F/disability/protected veteran status
#LI-DNI
Responsibilities
Develops RMF accreditation artifact documentation to include Risk Assessment Report (RAR), Information Security Continuous Monitoring (ISCM) Strategy, Security Authorization Package, engineering documentation, network drawings, and related documentation as required by DoD and DoN accreditation standardsDevelops, maintains, and monitors the necessary artifacts for A&A package submission to receive ATC, ATT, and ATO certificationsReviews weekly CND vulnerability scans utilizing DoD/DoA mandated practices and software utilitiesConducts FISMA assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI, 1253 and the Cybersecurity StrategyPrepare daily, weekly, and monthly reports detailing task and responsibility statusDevelops, reviews, and maintains RMF artifacts for RMF complianceSupports Cybersecurity Test & Evaluation (CT&E) or Developmental Test & Evaluation (DT&E) activities of system security engineering and program protection activitiesDrafts authorization artifacts in accordance with customer requirementsMonitors and executes compliance as defined by VRAM for the DoAUpdates and validates policies, processes, and SOPs, in accordance with DoA and DoD policies and regulationsProvides IT Security Incident Response support services and reports all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reportsPerforms system categorization; selects, tailors security controls, implements, and tests security controlsAttends and leads meetings and works in collaborative a team environment to provide network stability and continuityPerforms other tasks as required by OSC and the Government contracting officeRequired Qualifications/Education and Experience
High School diploma or equivalentMinimum of four (4) years of hands-on experience in the IT/Communications Security environmentMust have and maintain a Secret personnel clearance or higher and be eligible for a TS/SCIMust be DoD 8570 certified at the IAM-II levelMust have at minimum (2) years' experience with DoA, DoD RMF process; must have completed full DoD RMF accreditation package from start to ATOMust have strong working experience with eMASS and experience in the development of Assessment and Authorization plans.In depth understanding of computer security, Department of Army, and DoD cyber security policiesPrior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), other DoA, and DoD cybersecurity toolsStrong ability to communicate clearly and succinctly in written and oral presentationsPrior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement drivenHave knowledge in network, physical, systems, and application security practicesMust be familiar with intrusion detection and prevention measures and practicesMust be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, HBSS, ACAS, Nessus, ARCSIGHT and SIEMsFamiliarity with DoD, NIST, RMF and FedRAMP processesExcellent written and verbal communication skillsExperience running ACAS scansKnowledge of multiple architectures: Cisco, Linux, Windows, and VMWarePreferred Qualifications/Education and Experience
Bachelor's degree (preferably in Information Technology, Information Management, or Cyber Security)Certified Information Systems Security Professional (CISSP) certificationExperience with SIEMs
Equal Employment Opportunity/M/F/disability/protected veteran status