Martin Construction - Huntsville, AL
posted 8 days ago
Full-time
Huntsville, AL
Construction of Buildings
About the position
The Cyber Security Test Engineer will support the Missile Defense Agency (MDA) by maintaining operations within the Ground Based Mid-Course Defense Program Office (GMD). This role involves developing security plans, performing technical work related to the Risk Management Framework (RMF), and ensuring compliance with security requirements.
Responsibilities
- Assist in Security Plans (SSPs) development, Interim Authority to Test (IATT), Authority to Connect (ATC), and Authority to Operate (ATO) packages.
- Perform technical work utilizing the Risk Management Framework (RMF) process including analyzing and solving Information Assurance (IA)-related technical problems.
- Ensure that system security artifacts are developed, reviewed, and updated as needed.
- Confirm that all RMF requirements are properly addressed and required artifacts are loaded and managed within Enterprise Mission Assurance Support Service (eMASS).
- Analyze complex problems, identify root causes, and develop actionable recommendations with effective solutions.
- Interface with other cyber teams to review RMF Contract Data Requirements Lists (CDRLs) and ensure timely delivery of CDRL artifacts, while providing feedback to ensure the sufficiency and quality of cyber artifacts.
- Conduct periodic reviews of each system's audits and monitor corrective actions until all actions are closed.
- Perform vulnerability/risk analysis of systems using expertise in relevant information systems security.
- Track and monitor Plan of Action and Milestones (POA&Ms).
- Conduct reviews of cybersecurity artifacts and technical briefings and work with customers to resolve any findings.
- Ensure that identified security controls are implemented and operating as intended through all phases of the lifecycle.
Requirements
- Bachelor's degree and 3+ years of related professional experience.
- Active Secret Clearance.
- Experience with DoD's RMF and SSP processes.
Nice-to-haves
- Experience Managing Cyber Task Orders (CTOs) reporting, mitigation, and compliance.
- Experience in the Missile Defense Agency.
- DoD 8570 compliant IAM Level II certification (Sec +).
