Cybersecurity Engineer with Secret Clearance

Testpros - Tampa, FL

posted 5 days ago

Full-time - Mid Level
Hybrid - Tampa, FL
Professional, Scientific, and Technical Services

About the position

The Cybersecurity Engineer at TestPros is responsible for managing the Risk Management Framework (RMF) process and reviewing/updating the Authority to Operate (ATO) and Authority to Connect (ATC) approval packages. This role serves as the primary security advisor on multiple systems, ensuring the protection of IT resources and compliance with security standards. The position requires a DoD Secret clearance and at least 4 years of experience in cybersecurity, with a focus on identifying and mitigating security vulnerabilities.

Responsibilities

  • Conduct comprehensive IT security control assessments on systems identified within the scope of the contract.
  • Provide an assessment on the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions and or controls to address identified vulnerabilities.
  • Review the System Security Plan (SSP) prior to initiating the security control assessment and ensure the plan provides a set of security controls for the information system that meet the stated security requirements.
  • Advise the ISSM concerning impact values for confidentiality, integrity, and availability for the information on a system.
  • Evaluate threats and vulnerabilities to information systems to ascertain the need for additional safeguards and controls to mitigate vulnerabilities.
  • Review and approve the information system security assessment plan, which is comprised of the SSP, the Security Controls Traceability Matrix (SCTM), and the Security Control Assessment Procedures.
  • Ensure security control assessments are completed for each information system and ensure controls are working as intended and these controls protect the confidentiality, integrity and availability of IT resources at the appropriate levels.
  • Prepare the final Security Assessment Report (SAR) containing the results and findings from the assessment at the conclusion of each security control assessment activity.
  • For each completed site visit, provide a visit report.
  • Support compliance with RMF controls to include, as necessary, development of Plans of Action and Milestones (POA&Ms) and mitigation of control deficiencies.
  • Evaluate security control assessment documentation and provide written recommendations for security authorization to the AO.
  • Assemble and submit the security authorization artifacts to the AO (consisting of, at a minimum, the SSP, the SAR, the POA&M, and a Risk Assessment Report (RAR)).
  • Assess the proposed changes to information systems, their environment of operation, and mission needs to determine if they are security-relevant and could therefore affect system authorization.
  • Use Security controls defined by the AO and lead ISSM.

Requirements

  • U.S. Citizenship.
  • 4-8 years of experience in cybersecurity.
  • DoD Secret clearance.
  • Bachelor's Degree or equivalent work experience is highly preferred.
  • Possession of one of these IAT II (or other) certifications: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP.
  • Excellent listening skills, effective and efficient oral and written communication skills.
  • Strong written, verbal communication and presentation skills.
  • Solid time management, planning, organizational communication skills, and ability to scope prospective engagements, develop proposals and project plans.

Benefits

  • Competitive salary
  • Medical/dental/vision insurance
  • Disability insurance
  • Life insurance
  • Paid time off
  • Paid holidays
  • 401(k) retirement plan with company match
  • Opportunities for professional growth
  • Cell phone discounts

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service