|Location||San Diego, CA|
|Date Posted||January 13, 2019|
The Cyber Security Engineer manages Digital Modular Radio (DMR) and Portable Radio Program (PRP) RMF Accreditation Efforts and performs RMF Step 4 Validator functions under direction of the PMW/A 170 Cyber Security Lead.
Essential Job Functions:
The Cyber Security Engineer is responsible for supporting Risk Management Framework (RMF) Accreditation efforts for PMW/A 170 and coordinates/conducts Certification & Accreditation (C&A)/ Assessment and Authorization (A&A) efforts for assigned in accordance with the DoD RMF process.
Provides RMF expertise, counsel programs on requirements, prepare and manage accreditation packages, analyze vulnerability scans and develop strategies to correct deficiencies, and implement and validate security posture/controls in accordance with DOD 8500.2/8510.01.
Researches and applies DISA Security Technical Implementation Guides (STIGs), NSA recommendations, and DoD security policies/design implementations to bring the system into compliance.
Provides Cyber Security guidance at meetings, briefings and design reviews, support RMF Checkpoint and Escalation meetings, and assists with development and tracking of the POA&M in EMASS. Provides expert input and recommendations on security issues to PMW/A 170, and support the PM, SCA, ISSM, and PMW/A 170 Cybersecurity Lead to achieve security objectives.
Due to the sensitivity of customer related requirements, U.S. Citizenship is required.
A Bachelor's Degree (engineering preferred) plus 6 years of cyber security engineering experience or a Master's Degree plus 4 years of experience is required.
Position requires an active Secret security clearance.
Must be a Navy Qualified Validator (NQV) Level II (min) / Level III (desired) with working knowledge and experience applying the DoD Risk Management Framework (RMF) Process / Roles & Responsibilities to Complete RMF Steps 1-6.
Requires working knowledge of the following: Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), Security Control Assessor (SCA), Navy Authorizing Official (NAO) /Functional Authorizing Official (FAO), Package Submitting Office (PSO), High Risk Escalation (HRE), Memorandum For the Record (MFR), DISA Security Technical Implementation Guides (STIG) compliance, Conditional Authorization Request (CAR), Security Classification Form (SCF), Security Plan (SP), Security Assessment Plan (SAP), System Level Continuous Monitoring (SLCM), Risk Assessment Report (RAR), Host Based Security System (HBSS), Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST) Special Publication 800-37 - RMF for Information Systems and Organizations.
Certifications: DoD IA Work Force IAM Level II (Level III Preferred)
Must possess excellent writing and verbal skills and email etiquette. Must be a proactive self-starter, work well independently and with teams in a collaborative environment.
Proficient with Microsoft Office products, to include Word, Excel, Power Point, Visio.