Cyber Security Engineer

  • Huntsville, AL
  • Posted 49 days ago | Updated 4 hours ago

Overview

On Site
Full Time

Skills

Analytical skill
Security analysis
Certification and accreditation
Computer hardware
Design
Network
Risk analysis
Information security
Information assurance
Information architecture
Impact analysis
National Institute of Standards and Technology
RMF
NIST 800-53
Security controls
MDA
eMASS
McAfee
HBSS
STIG
Document review
System security
Hardening
Vulnerability management
Reporting
Management
Sprint
Risk assessment
Software development
Risk management framework
Information Technology
Research
Policies
Security clearance
Cyber security
Information systems
Cisco Certifications
CISA
CISSP
Security+
DoD
Regulatory Compliance
Documentation
Linux
Microsoft Windows

Job Details

ASRC Federal Analytical Services, Inc is looking for a Cyber Security Engineer who has experience supporting system builds, implementing information security best practices, performing security analysis, software assurance and documentation of unique hardware and custom software in a multi-platform/multi-network environment during a full Risk Management Framework life cycle. Supports Information Assurance Certification and Accreditation (C&A) and associated IA processes, procedures, and activities. Provides capability and expertise to understand and properly implement DOD/MDA directives, instructions, and guidelines across hardware and software platforms. Works with the MDA cybersecurity management and case managers to ensure all cybersecurity actions for the MDDC Program are handled/resolved in a timely fashion with respect to MDA Designated Accrediting Authority and Certification Authority requirements. Responsible for the design, development, and implementation of solutions that meet network and system security requirements. Maintains existing security products and researches and develops new monitoring and management tools and procedures to comply with MDA and DoD instructions and guidelines. Performs vulnerability/risk analyses of computer systems, networks, software development deliverables, and applications. Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Has experience and skills of establishing a Defense Posture for Applications, maintaining compliance with DoD Cyber and IA policies.

Responsibilities:
  • System accreditations/authorizations through the NIST Risk Management Framework (RMF). Experience with the DoD Risk Management Framework (RMF) Assess and Authorize process preferred.
  • Understanding and validating NIST 800-53 Security Controls.
  • Understanding of the software assurance process per the MDA Software Assurance 8500.05 and Cybersecurity 8500.01.
  • Use of DoD mandated software including eMASS, ACAS, and McAfee HBSS preferred.
  • Demonstrated experience reviewing, implementing, and assessing DISA Security Technical Implementation Guides (STIGs), DISA Security Requirement Guides (SRGs), and NSA Security Configuration Guides preferred.
  • Will perform tasks dealing with system builds, documentation review, system security hardening, and vulnerability management/reporting.
  • Support the development of CDRLs, library review and management, sprint release preparation, and threat and risk assessments as a member of software development scrums.
  • Candidate should have technical troubleshooting skills and working knowledge of the Risk Management Framework for Department of Defense Information Technology.
  • The ability to work independently and within a larger group of engineers and cybersecurity professionals.
  • Experience in the software assurance/approval process
  • Candidate will research DoD policy and complete various security tasking.


Responsibilities

REQUIREMENTS:
  • Experience in cyber/software assurance/DevSecOps security tools.
  • Secret Clearance
  • Bachelor's degree in Engineering, Cybersecurity, Information Systems, or related field.
  • Certification: CCNP Security, CISA, CISSP (or other IAT-III certifications); Security +
  • Familiarity with DoD security compliance documents as they relate to Linux and Windows environments is desired.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.