Engineer supporting secure development lifecycle processes for product lines in the energy sector. Collaborating with R&D on security requirements and compliance audits.
About the role
- Information System Security Officer responsible for cybersecurity assessments and security policy implementation. Working with a diverse team on telecommunication systems to achieve Authority to Operate (ATO).
Responsibilities
- Responsible for the Information Assurance and Security system and network services.
- Responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; responsibilities include:
- Meet the government’s cybersecurity accreditation process to achieve an Authority to Operate (ATO).
- Maintain the Security Authorization or Authorization to Operate (ATO) of assigned systems and conduct initial and annual risk assessments.
- Identify required STIGs and guide system certification based on project requirements.
- Prepare a certification package, including STIG assessment and documentation, vulnerability and scan assessments, and conduct quarterly software security reviews.
- Ensure all security measures comply with applicable government policies.
- Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, SCTM)
- Develop, monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned facilities and Information Systems
- Participate in internal and external security audits and inspections and perform risk assessments.
Requirements
- Must be a U.S. Citizen, with an active Government security clearance.
- College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline or equivalent years of experience.
- Must have Security+ Certification or equivalent DOD 8570 IAT Level 2 certification.
- CISSP certified a plus.
- Demonstrated knowledge of National/DoD/Army Directive security policies.
- Demonstrated knowledge of directive, guidelines, processes, and procedures for maintaining the security, integrity, and confidentiality of secure facilities, containers, and communications.
- Demonstrated experience using Army or equivalent eMASS.
- Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner
- Demonstrated experience with DISA Security Content Automation Protocol (SCAP), Evaluate STIG (eSTIG), and STIG Viewer v3 required
- Demonstrated knowledge of DOD RMF accreditation implementation
- Ability to identify and manage risk.
- Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement.
- Excellent written and verbal communication skills.
- Strong collaboration skills and desire to work within a team.
- Understanding of all elements of the DOD Cybersecurity policies and requirement
- Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
- 10+ years related technical experience.
Benefits
- healthcare
- wellness
- financial
- retirement
- family support
- continuing education
- time off benefits
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Automation Oversight Engineer providing oversight of compliance in automated device configurations for Comcast Business. Managing configuration checks and reporting, ensuring reliable oversight and improvement strategies.
Principal Systems Engineer - Cybersecurity role in protecting our nation's products as part of Integrated Platform Solutions team. Develop solutions utilizing RMF, Anti - Tamper, Software Assurance, and more.
Agent de Sécurité assurant la sécurité des usagers du réseau de transport TBM. Rattaché au Manager de Proximité Sûreté, garantissant la qualité de service public de transport en commun.
Web and Remote Access Security Engineer managing secure remote connectivity solutions. Collaborating across security and networking domains to enable reliable access for global workforce.
Security Officer protecting patients, visitors, and staff at Shriners Hospital for Children in Sacramento. Engaging in various responsibilities related to safety and security on hospital property.
Senior IT Security Administrator supporting IT security operations at Uline. Collaborating with teams to develop security procedures and manage risks effectively.
Security Technician at Presbyterian Healthcare Services ensuring safety through patrols, incident response, and emergency preparedness. Responsibilities include monitoring risks and documenting activities efficiently.
Product Security Engineer at Junglee Games ensuring security is integrated into each stage of the software development lifecycle. Collaborate across teams and harden the security of products and platforms.
Senior Cybersecurity Documentation Specialist managing Risk Management Framework initiatives for Leidos. Supporting cybersecurity documentation and compliance activities across departments with a focus on national security.