IA System Security Engineer

Job ID: 2110148

• Ensure system development follows the RMF 6-step process IAW DoDI 8510.01.
• Determine the required levels of Confidentiality, Integrity, and Availability for the systems under development and select appropriate controls
• Develop RMF artifacts in support of obtaining ATCs, IATTs, and ATOs for Combat Development Division (CDD)-Western Range (WR) CDD-WR telemetry systems under development
• Develop, manage, and update System Security Plan and assessment and authorizations packages and provide any change to the ISSM or designee
• Document all findings and decisions for each applicable control
• Manage hardware and software lists provided by the system's developer; ensure the most current template is utilized that can be exported and imported from Enterprise Mission Assurance Support Service (eMASS)
• Deliver RMF artifacts to the CDD-WR for inclusion in RMF packages
• Assist the Government/ISSM in reviewing all cybersecurity documents as required for RMF process
• Provide recommendations for Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) implementation and risk mitigations, using cybersecurity training and experience, to the CDD-WR
• Produce list of applicable DISA Security Technical Implementation Guides (STIGs) for the system
• Assess and provide tactical and strategic management of cybersecurity for CDD-WR portfolio, including the development of cybersecurity policy, strategies, and plans incorporating high-level directives, as well as the translation of strategic cybersecurity posture into specific cybersecurity requirements
• Maintain open lines of communication with development engineers and support personnel within the CDD-WR for accurate portrayal of systems within artifacts and to ensure awareness of completion status and timelines
• Provide continuous support in monitoring affected system after ATO is achieved to include
• Perform vulnerability and compliance scans of CDD-WR systems using DISA's Assured Compliance Assessment Solution (ACAS)/Tenable Nessus
• Perform the necessary scans of CDD-WR systems using the most current, official criteria for inclusion in the RMF packages and in support of the development of the Plan of Actions and Milestones (POA&M)
• Assess and verify that cybersecurity requirements addressed at an acceptable level of risk in architecture specifications.
• Assess and present program cybersecurity and protection issues, and recommend solutions, mitigation, or corrective actions through the risk management process of the CDD-WR portfolio/programs.
• Support and facilitate CDD-WR cybersecurity Integrated Working Group meetings.
• Coordinate with all 30 SW contractors to validate that appropriate cybersecurity requirements applied to CDD-WR program

• DoD 8570.01-m IAM Level II (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO) or higher (CISM, CISSP (or Associate), GSLC, CCISO)
• 3-5 years minimum as an Information System Security Engineer
• Experience in applying information systems security principles, concepts, and methods for RMF, eMASS, and ACAS toolsets and project management principles across IT disciplines and DoD information systems
• Experience in applying security principles to all states of system development from requirements development through operational acceptance
• Experience at the enterprise level in system design and architecture development with modern computer platforms (e.g., OS, cloud computing, datacenter operations)
• Experience in conducting information systems security assessments, evaluating IA and Cybersecurity controls, and conducting and supporting RMF activities
• Experience with Operational Air Force systems
• Bachelors and twelve (12) years or more of related experience or a Masters and ten (10) years or more experience
• Active Secret Clearance