Cyber Security A Engineer Industry: Dept. of DefenseLocation: Charleston, SC (29406) (REMOTE & 35% travel)Employment Type: Contract to permanentClearance: Secret (Active Required)Requirements:
BS degree and six (6) years of experience with Cybersecurity / Information Technology, or twelve (12) years of hands-on experience with Cybersecurity / Information TechnologyExperience with DHA Cybersecurity Directorate a plusExperience with A packages within eMASS a plusCapable of providing thought leadership to the SCAR, SCA and other DHA cybersecurity leadership in his/her effort to identify risks, communicate recommended courses of action and recommend process improvements.
Support and execute DHA RMF Independent Validation & Verification (IV) and Validator responsibilities and deliverables defined by the DHA RMF workflow. These include:o Review of systems architecture diagrams, hardware/software lists, accreditation boundary documentation, security plans and eMASS records.o Develop detailed Security Assessment Planso Support Development of IV cost estimates foro Execute reviews for and provide feedback to Program Offices within eMASS for Security Plan approvals, Authorization Packages, Risk Assessments and Annual ReviewsCoordination among various stakeholders, e.g., Security Engineers, Network Administrators, System Administrators, Information Assurance Managers (IAMs) / Information Systems Security Managers (ISSMs), SCA, SCAR, Authorization Officials (and representatives), program managers, vendors, etc., necessary to properly plan and coordinate IV and testing requirements for program office authorization efforts.Knowledge and experience identifying, assessing, and documenting compliance against applicable DoD IA security controls (technical, management, operational), and DISA Security Technical Implementation Guides (STIGs).Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus/Tanium) necessary to identify and document compliance;Knowledge of and ability to use applicable compliance and accreditation reporting environments (e.g., eMASS, CMRS) to validate compliance and accuracy of a program s RMF package.Knowledge of NIST SP 800-53 and 800-37, CNSSI 1254, and other DoD Risk Management policies.
#clearanceKeyword Searchstring: cyber security, security+, Pen testing, CISSP, CEH, RHCSA, Red Hat, Linux, Unix, Cyber, engineer, architect, network, systems, ACAS, STIGs, POA, RMF,EOE/ADA