5 days old

Senior Cyber Security Engineer

Augusta, GA 30905
Apply Now
Apply on the Company Site
Business Group Highlights

Defense

The Defense group supports the Department of Defense (DoD) mission to keep our homeland and its citizens safe. We provide solutions to improve the Nation's defense by providing software, systems engineering, IT, training and logistics and fleet management solutions.


Responsibilities

Provide Cyber Security expertise, including feasibility studies, technical evaluation, justification, acquisition/procurement, installation, implementation, management, and administration of IT systems including virtualized infrastructures and systems (ex. VMWare and OpenStack). Provide technical support to Information Systems Security Managers (ISSM) and ISSOs throughout the CCoE. Maintain the CCOE security posture with proper certification and accreditation procedures/documentation/mitigation through continuous monitoring of CAT Is and II/III findings. Assist in the administration of an effective Cyber Security program that involves providing management of organizational risk advice, guidance, and assistance. Stay abreast on changes to Joint, DOD and Army doctrine as it pertains to cyber security and risk management. Maintain up-to-date on IT news regarding network security and future trends in Cyber Security (ex. cloud computing security). Update, maintain and test the Disaster Recovery Plan and Continuity of Operation (COOP) to reflect changes in the IT environment. Assist in the coordination of vulnerability assessments, inspections, tests and reviews of the CCoEs information systems and processes. Generate and/or coordinate the compiling of all document deliverables required for Certification & Accreditation (C&A) utilizing RMF methodology Process, track and manage C&A packages into applicable systems (ex. eMASS). Identify information protection needs for the Network Environment (NE). Define NE security requirements in accordance with applicable IA requirements. Provide system related input on IA security requirements to be included in statements of work and other appropriate procurement documents. Develop Cross Domain Solution (CDS) for use within a Computing Environment (CE) or NE. Develop and implement security designs for new or existing network system(s). Design of hardware, operating systems, and software applications adequately address IA security requirements for the NE. Design, develop, and implement network security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation. Design, develop, and implement specific IA countermeasures for the NE. Develop interface specifications for the NE. Develop approaches to mitigate NE vulnerabilities and recommend changes to network or network system components as needed. Ensure that network system(s) designs support the incorporation of DoD-directed IA vulnerability solutions, e.g., IAVAs. Ensure compliance with IA architectures and designs for DoD IS with medium integrity and availability requirements, to include MAC II, systems with a medium Level-of-Concern for availability or integrity in accordance with Reference (vu), and other DAA designated systems. Develop IA architectures and designs for JWICS and DIA systems processing Sensitive Compartmented Information (SCI). Assess threats to and vulnerabilities of the NE. Identify, assess, and recommend IA or IA-enabled products for use within an NE; ensure recommended products in compliance with the DoD evaluation and validation requirements. Ensure that the implementation of security designs properly mitigate identified threats. Assess the effectiveness of information protection measures used by the NE. Evaluate security architectures and designs and provide input as to the adequacy of security designs and architectures proposed or provided in response to requirements contained in acquisition or MILCON/MCA documents. Ensure security deficiencies identified during security/certification testing have been mitigated, corrected, or a risk acceptance has been obtained by the appropriate DAA or authorized representative.


Qualifications

Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD.

Requirements:
Have a minimum of seven (7) years of work experience in the area of Information Assurance, Cyber/Information Security.
Technical Skills Required:
Minimum of 1 year of experience performing high-volume analysis of logs, network and system data in one or more of the following tools: (preferred tool Assured Compliance Assessment Solution (ACAS) but also familiarity with other similar tools)
Ability to use and recommend implementation of infrastructure and security monitoring technologies (ex. Security Onion, Splunk, SolarWinds, ACAS)
Endpoint Protection: (ex. McAfee EPO/ Host based security system (HBSS)
Awareness of the latest network and application hacking techniques and countermeasures (emerging trends).
Have at least one (1) year of Certification and Accreditation & Cyber Risk Management experience: DoD RMF (DoD 8500, DoD 8510, NIST 800-37/-53), and DCID 6/3 and ICD 503 processes and implementing frameworks by performing risk assessments, system certification and accreditation at all classification levels (NIPRNET, SIPRNET and JWICS)
Have at least three (3) years of experience in Security Engineering of DOD Network Infrastructure, Wireless Technologies (Mobile IoTs, Endpoint Security, Network protocols, COMSEC and PKI).
Certifications Required all of the following are required o This position is designated as Information Assurance Workforce (IAWF) (1) IAM II, (2) IASAE II and (3) CSSP Auditor. See section 1.6.7.9, Cybersecurity/Information Technology (IT) Certification, in this PWS for detailed Army and DoD guidance and requirements. The following are required at contract start date and must be maintained throughout the life of the contract : Baseline certifications. Note: Either CASP or CISSP (or associate) will satisfy baseline certifications for both IASAE II and IAM II. IASAE II: CASP, CISSP (or associate), or CSSLP and CSSP Auditor: CEH (red), CySA+ (blue), CISA, or GSNA and IAM II: CAP, CASP, CISM, CISSP (or associate), or GSLC Computing Environment (CE) certifications: N/A - only required for IAT IAWF positions. o Be monitored in the Army Training and Certification Tracking System (ATCTS). o Successfully complete Information Assurance Fundamentals on line course and exam at https://cs.signal.army.mil. o Complete Privileged Level Access Agreement (PLAA) annually. This Personnel Security Standard for this position is IT-I (Personnel in IA positions with privileged-level access to control, manage, or configure IA tools or devices, individual and networked IS and devices, and enclaves). See security clearance requirement within section 1.6.7 Security Requirements
Additional relevant experience a plus:
Have Demonstrated knowledge of network threats, attacks, and other methods of exploitation, and the ability to develop Tactics, Techniques, Procedures (TTPs) to mitigate, deter, and respond.
Have knowledge of Cyber Security practices for cloud and virtual environments (ex. Amazon Web Services (AWS), Microsoft Azure, VMWare and OpenStack)
Have strong Knowledge of security incident handling/incident response process, methods and coordination with regional Cyber Center-CONUS (RCC-C), Regional Network Enterprise Center (RNEC), NEC, etc.
Have strong knowledge and understanding of DoD and Intelligence Community (IC) engineering efforts, as it relates to security engineering (MILCON/MCA projects)
Have strong knowledge of the development of CCOE Policy (Policies, SOPs, TTPs, etc) and the conduct of the associated inspections for user adherence to the CCOE policy developed.

About Perspecta

What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sectorfrom investigative services and IT strategy to systems work and next-generation engineering.

Our promise is simple: never stop solving our nations most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to do just that, as a partner of choice across the entire sector.

Perspecta is anAA/EEOEmployer - Minorities/Women/Veterans/Disabled and other protected categories.

As a government contractor, Perspecta abides by the following provision

Pay Transparency Nondiscrimination Provision

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractors legal duty to furnish information. 41 CFR 60-1.35(c).

Industry

  • Information Technology
Posted: 2020-07-30 Expires: 2020-08-29

With offerings in mission services, digital transformation and enterprise operations, our team of 14,000 engineers, analysts, investigators and architects work tirelessly to create innovative solutions. We have the expertise and experience not only to devise solutions, but to execute on them successfully.

Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Cyber Security Engineer

Perspecta
Augusta, GA 30905

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast