View Our Website View All Jobs

Senior A&A Engineer

Overview:

The Customer team is looking for a Senior Cyber Security/Information Assurance A&A Engineer. This A&A Engineer will serve as an Information Systems Security Officer (ISSO) and will be responsible for security processes and implementation supporting a large customer on a new multi-year contract. Responsibilities include the performance, review, and conduct of technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies to the team.

The ideal candidate should have at least 6-8 years of experience in Information Assurance positions and experience with implementing and authorizing large scale systems. This position is targeted for both dedicated support roles and short term reactive support and proactive engagements where occasional, 2-7 day trips to other customer facilities may be required 2-3 times per year. 

The selected candidate must be able to start within 30 days of offer acceptance.

Required Qualifications:

  • Expert knowledge and experience in A&A with ICD-503.
  • Knowledge of NIST 800-53, DIACAP, and DODIIS security requirements.
  • Experience with system hardening including STIGs.
  • Proficiency in validating and verifying system security requirements definitions and analysis and establishes system security designs for controls.
  • Ability to design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, virtualization, cloud, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
  • Experience with building IA into systems and services deploying into operational environments at multiple classification levels.
  • Ability in assisting architects and services developers in the identification and implementation of appropriate information security controls and potential security functionality to ensure uniform application of security policy and enterprise solutions.
  • Experience with assessing and mitigating system security threats/risks throughout the program life cycle.
  • Knowledge of security planning, assessment, risk analysis, risk management, and awareness activities for system and networking operations.
  • Experience with creating and reviewing A&A Body of Evidence documentation, providing feedback on completeness and compliance of its content.  Develops and executes Security Test Plan (STP) in close cooperation with team members.

Desired Qualifications:

  • Advanced IT certifications-- technical certifications such as CISSP, RHCE, CCIE, SANS, etc.
  • Strong knowledge and experience with NIST SP 800-53 and associated security controls implementation and verification.
  • Proficiency in scanning systems and assisting the team in remediating vulnerabilities.
  • Proficiency in the development and maintenance of System Security Plans, Security Compliance Traceability Matrix, Security Test Plans, and Plan of Action & Milestones.
  • Strong Windows administration and hardening experience.
  • Strong network and host security background in Windows.
  • Hyper-V, SCCM, WSUS, and patching experience.
  • Outstanding communication skills including verbal and written; Word, PowerPoint, Excel, Visio, Project, and other tools to communicate with peers and customers at all technical levels.
  • Ability to communicate effectively with senior management in government and contractor teams.
  • Experience ensuring systems comply with key government security requirements and demonstrate that through verification testing with government security stakeholders.
  • Experience working on and supporting classified networks.
  • Familiarity with cloud and virtual hosting environments.
  • Experience implementing a ICD-503 based A&A processes using XACTA.
  • Security architecture design experience.
  • Experience with ACAS, and other scanning tools.
  • Master’s degree in IA/Cyber Security/Computer Science.
  • Active Directory (architecture, design, disaster recovery and troubleshooting), IIS and ISA.
  • Debugging skills in the Windows Platform.
  • Background with Windows 7 and Windows 10 client.
  • Experience with network captures and network troubleshooting.

Education:

  • BS in IA/Cyber Security/Computer Science or equivalent technical degree and 6-8 years of experience in a similar role.
  • DoD 8570 certification (Security+)
Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

Human Check*