Mid Level Security Engineer with Security Clearance
NuAxis Innovations LLC
2024-11-05 21:39:47
Bethesda, Maryland, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Overview: The Cyber Security Analyst requires a minimum of 6 years of experience supporting system security authorization processes in compliance with Department of Defense (DOD)'s and Defense Health Agency (DHA)'s NIST RMF-related policies and requirements.

Job Summary:

- Lead and perform Risk Management Framework (RMF)-related tasks throughout all stages of a system's lifecycle, including:
  - Stakeholder engagement and development of Assessment & Authorization (A&A) or Threat Management Team project plans
  - Preparation and maintenance of FIPS-199 system security categorization
  - Preparation and maintenance of FIPS-200 system security controls exceptions
  - Performance of risk assessments
  - Analysis of risk remediation and mitigation options and strategies
  - Development, review, and submission of A&A system security packages
  - Selection and documentation of applicable NIST 800-53 rev. 4 security controls in systems' Security Controls Traceability Matrices (SCTM)
  - Collection, development, and analysis of NIST 800-53 rev. 4-related security controls artifacts
  - Participation in and organizational oversight of Independent Verification & Validation (IV&V) activities
  - Development and status tracking for Plans of Action & Milestones (POA&M)
  - Performance of Continuous Diagnostics and Monitoring (CDM)-related activities
  - Status tracking and reporting to leadership and organizational stakeholders
- Support the year-round work of maintaining security posture to meet RMF requirements.
- Manage system security packages in the Enterprise Mission Assurance Support System (eMASS) throughout system authorization cycles, including:
  - System registration
  - Uploading and maintenance of system security packages
  - POA&M entry and tracking
  - System decommissioning
- Conduct technology assessments, reviews, and technical inspections to identify and mitigate potential security weaknesses, ensuring all applicable security features and functionality are implemented and function as intended.
- Work in partnership with System and Network Administrators to perform self-assessment and hardening of workstations, servers, network devices, and clinical devices, including application of Secure Technical Implementation Guidelines (STIG) and running hardening and security artifact collection scripts, Security Content Automation Protocol (SCAP), and Assured Compliance Assessment Solution (ACAS) scans.
- Develop and maintain cybersecurity-related training materials and deliver training for users and System Administrators (SA).
- Possess and maintain a comprehensive understanding of federal security regulatory requirements and security frameworks, including IT Security and Information Assurance (IA) policies, RMF, NIST SP 800-series, FISMA, FIPS, FedRAMP policies, directives, and publications.
- Proactively maintain awareness and understanding of current and emerging threats and vulnerabilities and their potential impact on organizational mission accomplishment, safety, and data security.
- Apply security patches, STIGs, and updates for all assigned systems.
- Provide support for the escalation and communication of status to management and internal customers, clearly communicating technical information to both technical and non-technical personnel.
- Implement and manage disaster recovery and Continuity of Operations (COOP) plans, systems, and operations.
- Work collaboratively with a team to ensure:
  - Maintenance of baseline system security according to organizational policies
  - Mitigation of cyber threats and vulnerabilities
  - Adherence to information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, and encryption)
- Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
- Maintain a thorough understanding of NIST 800-53 controls, determining which controls are applicable to the application, and document implementation in the Security Controls Traceability Matrix (SCTM).
- Oversee the monitoring and resolution of POA&Ms to mitigate system vulnerabilities on assigned information systems.
- Ensure technical system documentation required for A&A packages is complete and clearly supports validation and authorization in accordance with system security requirements.
- Perform comprehensive A&A tasks, including package development, controls analysis, risk assessment, contingency planning, security test and evaluation, risk mitigation analysis, and technology assessments.
- Utilize NIST and FIPS standards and guidance documents to register and complete accreditation packages in eMASS.
- Lead the RMF accreditation lifecycle for assigned systems from inception to completion, managing stakeholder engagement, lifecycle progression, schedule development, accreditation package review, submission, and validation.
- Maintain and support current and ongoing A&A packages to ensure uninterrupted delivery of information technology systems for the organization.
- Create, manage, and maintain setup documentation and security policies for compliance and accreditation purposes for all programs and projects, including SOPs, policies, procedures, plans, guidelines, checklists, presentations, and training guides, in alignment with organizational cybersecurity needs or in accordance with RMF guidelines.
- Report on assessment process status, participate in IV&V activities, conduct/oversee IV&V testing as required, and assist system certifiers during evaluations.
- Review regulatory security policies and best practices, developing the technical solutions required to implement those requirements on servers, routers, firewalls, and other LAN/WAN equipment.
- Work with System and Network Administrators to monitor the security posture of all networked systems and applications, taking appropriate steps to quickly address any vulnerabilities.
- Provide system, network, and security engineering expertise and guidance for all aspects of information assurance, including systems required to meet regulatory requirements.
- Manage the cybersecurity program to minimize risk and exposure across projects.
- Oversee a team performing self-assessment and hardening of system servers, applying STIGs, SCAP and ACAS scans, and other scripts.
- Comprehensive understanding of services and programs, usability standards, and user interface design methodologies.
- Other duties as assigned related to the Cybersecurity Division.

Supervisory Responsibility: No

Requirements

Skills & Abilities:

- Knowledge and experience with RMF A&A artifacts, network architecture, network and security management and monitoring tools, and penetration testing tools
- Experience with deploying and hardening Windows Server 2012 R2, Server 2016, Server 2019
- Experience with PowerShell, Tanium, SCAP, NMAP, SQL Developer, Forescout, and/or Splunk
- Large enterprise-level IT experience with maintenance of servers, storage devices, and applications
- Strong problem-solving and critical thinking skills
- Strong planning and organizational skills
- Strong verbal and written communication skills, including delivering presentations and communicating technical concepts to non-technical personnel across organizations and functional groups

Education/Experience:

- Four-year college degree in Cybersecurity, Information Technology, Computer Information Systems, Computer Science, Computer Engineering, or equivalent (additional years of experience may serve in lieu of a degree)
- 5+ years of technical experience related to system and/or network administration and/or cybersecurity operations

Certification(s):

- Minimum certification level of CompTIA Security+ CE or equivalent certification required
- CISSP, CAP, CYSA, CISM, MCSE, or equivalent certification required

Clearance: Secret security clearance required

Position Details:

- This is an on-site position, Monday through Friday
- On-site parking and metro stipend are provided