|The Specialized Warfighter Development Contract (SWDC) Engineering Directorate (DE) Task Order is seeking someone with the education and experience to perform Cybersecurity engineering across the Task Order. The Task Order is a collection of systems that support the modeling and simulation of Ballistic Missile Defense capabilities. Each system is authorized separately and has its own set of supporting cybersecurity/engineering artifacts.
Position responsibilities include:
• Develop cybersecurity engineering artifacts for DE TO systems that include: system, component and service descriptions, data flows and connections, Department of Defense Architecture Framework (DoDAF) SV-1, SvcV-1 and OV-1 diagrams.
• Develop Risk Management Framework (RMF) artifacts that include: Cybersecurity process development, Operating Instructions (OIs), Control Plans, Controls Validation Test Plans, and Ports, Protocols and Services Management (PPSM) documentation.
• Work with system Information System Security Officers (ISSOs) to prepare for Command Cyber Readiness Inspections (CCRIs), Controls Validation Tests (CVTs) and Authorization to Operate (ATO) renewals.
• Audit DE TO systems for compliance with CCRI and CVT criteria.
The successful candidate will have:
• Strong understanding of IT networks and systems and the RMF controls necessary to secure them.
• Experience creating and reviewing DODAF compliant viewpoints
• Ability to evaluate system and network configurations for compliance with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG), and NIST 800-53 Security Controls.
• Experience creating and maintaining RMF Control Plans and system operating instructions.
• Ability to prioritize and execute tasks in a collaborative team environment.
• Strong communications skills.
• Active Secret clearance.
• Nine years with Bachelor’s degree in a STEM-related field; 13 years’ experience in lieu of a degree.
• A DoD 8570 certification at IAT Level II or higher (Security+, GSEC, SSCP, CySA+, CND, CCNA Security, CND, GICSP).
• Solid Cybersecurity engineering skills with a working knowledge of: MS Windows, Linux, and networking STIGs; DoDAF; NIST standards; and RMF.
• Experience writing and reviewing RMF Control Plans and Operating Instructions.
• Experience using eMASS for ATO processing.
• Active DoD 8570 IA Workforce Improvement Program IAM II Certification: CAP, CASP CE, CISM, CISSP (or Associate), GSLC.
• One or more of the following certifications: GCIA, CEH, GCIH, SCYBER, SSCP, CSIH, GCFA, CSSLP.
• Experience with Windows and/or Linux Operating Systems
• Experience using ArcSight or a similar Security Information and Event Management (SIEM) tool.
• Active Top Secret Clearance