Cybersecurity Engineer

Synaptek Corporation - Springfield, VA

posted 4 months ago

Full-time - Mid Level
Springfield, VA
Professional, Scientific, and Technical Services

About the position

We are seeking a Cybersecurity Engineer to join our team supporting our NGA customer in Springfield, VA. This position requires a strong understanding of cybersecurity principles and practices, particularly in the context of Department of Defense (DoD) systems. The Cybersecurity Engineer will be responsible for conducting system security engineering and Risk Management Framework (RMF) security authorizations actions, developing assessment and authorization (A&A) body of evidence (BOE) documentation, and coordinating cybersecurity evaluation actions. The role involves carrying out system authorization actions, including system categorization, security control implementation, and assessment, as well as validation coordination and collaboration. In this role, you will provide system owners with security status updates and project progress reports. You will also be responsible for authoring, reviewing, and submitting cybersecurity documentation for information system authorizations, encryption evaluations, and best practices white papers. Utilizing MS Office products, you will develop documentation and use web-based cybersecurity and system authorization collaboration applications (MCCAST) to store documents, evaluate system controls, and collaborate with security authorization personnel both within and outside the organization. Additionally, you will provide consultation to government customers regarding system encryption capabilities and requirements, RMF policies and regulations, continuous monitoring, and system authorization projects. Conducting self-assessments using Vulnerability Assessment Tools (SCC, Nessus, DISA STIG Checklists) to develop reports and evaluate system security posture will also be part of your responsibilities. You will develop, update, and track system authorization activities for security authorization projects using Microsoft Project, conduct risk assessments and risk scoring using the Common Vulnerability Scoring System (CVSS), and develop test reports listing the actions taken to test systems and cybersecurity test results. Furthermore, you will develop and implement continuous monitoring programs used to conduct annual security reviews, self-assessments, security controls review, and system security posture reporting. The role also includes reviewing, interpreting, and implementing policy for GBAD systems, as well as developing and managing system authorization project management sheets and tasks, mapping required tasks to accomplish system authorization, and tracking task completion.

Responsibilities

  • Conduct system security engineering and Risk Management Framework (RMF) security authorizations actions developing assessment and authorization (A&A) body of evidence (BOE) documentation, coordinating, and collaborating cybersecurity evaluation actions.
  • Carry out system authorization actions to include system categorization, security control implementation and assessment, validation coordination and collaboration.
  • Provide system owner system security status and project progress reports.
  • Author, review, and submit cybersecurity documentation for information system authorizations, encryption evaluation, and cybersecurity best practices white papers.
  • Utilize MS office products to develop documentation and web-based cybersecurity and system authorization collaboration applications (MCCAST) to store documents, evaluate system controls and collaborate with security authorization personnel within and outside of the organization.
  • Provide consultation to government customer regarding system encryption capabilities and requirements, RMF policies and regulations, continuous monitoring, and system authorization projects.
  • Conduct self-assessments using Vulnerability Assessment Tools (SCC, Nessus, DISA STIG Checklists) to develop reports and evaluate system security posture.
  • Develop, update, and track system authorization activities for security authorization projects using Microsoft Project.
  • Conduct risk assessments and risk scoring using Common Vulnerability Scoring System (CVSS). Develop test reports listing the actions taken to test systems and cybersecurity test results.
  • Develop and implement continuous monitoring programs used to conduct annual security reviews, self-assessments, security controls review, and system security posture reporting.
  • Review, interpret, and implement policy for GBAD systems.
  • Develop and manage system authorization project management sheets and tasks. Map required tasks to accomplish system authorization. Track task completion and update project sheet accordingly.

Requirements

  • Active DoD TS/SCI with Polygraph Clearance
  • Minimum of 5 years of experience in engineering and securing DoD system
  • Minimum DoD IAT Level II certification required (i.e. CompTIA Security+)
  • In depth understanding of computer security, military system specifications, and DoD cybersecurity policies
  • In depth understanding and experience in Risk Management Framework (RMF), and the implementation of cybersecurity boundary defense techniques
  • Strong ability to communicate clearly and succinctly in written and oral presentations.

Benefits

  • Health insurance
  • Dental insurance
  • Vision insurance
  • 401K
  • Life insurance
  • Short-term disability plans
  • Long-term disability plans
  • Vacation time
  • Holidays

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service