• Mid Cybersecurity Engineer

    Job Locations US-CA-San Diego
    Job ID 2018-1039
    Category
    Cybersecurity
  • Overview

    The Mid Cybersecurity Engineer will provide direct expertise and guidance to DoD programs (G-TSCMIS and NAOC2/JADOCS/TBMCS) and projects supporting the Navy Command and Control Program Office, PMW-150.

    Responsibilities

    • Provide cybersecurity guidance and advice to the NAOC2 APM on the following:
      • Respond to cybersecurity data calls.
      • Respond to ad hoc cybersecurity tasking.
      • Provide cybersecurity input to adhoc and recurring NAOC2.
      • Attend and support all programattic briefings such as Annual Program Reviews, Program Management Reviews, etc.
      • Provide cybersecurity input to Integrated Product Team (IPT) meetings.
      • Provide cybersecurity expertise as part of the integrated office/Echelon III NAOC2 program team.
      • Track cybersecurity metrics for NAOC2 programs, interact with all cybersecurity POCs from other services components (US Army, USMC, USAF, etc.) to ensure Navy concerns are addressed in NAOC2 systems developed by those service components.
    • Manage all FISMA reporting requirements for NAOC2 programs.
    • Manage VRAM reporting for NAOC2 baselines.
    • Manage Certification and Accreditation (C&A) and/or Assess and Authorize (A&A) for NAOC2 programs including:
      • Maintain the IATO/ATOs for NAOC2 baselines.
      • Track and complete accreditation conditions requirements for NAOC2 IATO/ATOs. 
      • Maintain DIACAP/RMF POA&Ms for NAOC2 baselines in eMASS.
      • Complete Navy Accreditation efforts for system baselines accredited by other services (via the reciprocity process).
      • Provide cybersecurity fleet support for NAOC2 systems.
    • Coordinate cybersecurity tasking with the Echelon III engineering and cybersecurity staff to support items listed above.
    • Support RMF transition for NAOC2 system baselines as required.
    • Others related duties as assigned.

    Qualifications

    • Must hold an active secret clearance to be considered for this role.
    • Minimum 3-5 years relevant work experience in the cyber security field. Work experience should include Risk Analysis efforts, system testing using DISA STIGS and industry automated scanning tools. 
    • Thorough working knowledge of Navy cyber security guidance documents, messages, and instructions (e.g., as promulgated by DON CIO, OPNAV, DoD and NAVNETWARCOM). 
    • Must be familiar with the DoD acquisition life cycle.   
    • Thorough working knowledge of the Information Assurance Vulnerability Management Process (IAVM) and FISMA requirements.
    • Broad technical knowledge of system architectures, network elements and protocols, and system software.
    • Strong direct technical experience in the field of information security, to include hands on experience using security tools, penetration testing, and current/emerging threats in the vulnerability/exploit community.
    • Ability to technically analyze system vulnerabilities, related vendor patches and workarounds, and overall effectiveness of technical mitigations that may be put in place to reduce attack surfaces, threat vectors, or related impact of a given vulnerability.
    • Strong technical understanding of the OSI model, networking, system architecture analysis, and the ability to characterize and discuss findings at all layers of the OSI model from Physical Layer to Application Layer.
    • Strong consultant skills (e.g. Good Communicator, Independent Worker, Multi-Tasker, Flexible, etc.).

    Education:

    • BS in IT, Information Assurance/Cyber Security Engineering Field or related technical discipline.
    • Must have obtained a minimum of a Security+ level certification or DoD 8570.01-M IAT Level II equivalent.
    • CISSP or CISSP Associate (or can obtain certification within 12 months).
    • Prior experience working with DoD (specifically Navy) systems and cyber security processes.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed