Cybersecurity Engineer 3

Data Intelligence, LLC (DI) is searching for a full time Cybersecurity Engineer 3 . This position is fully on-site in Virginia Beach, VA.

Expected Tasks and Expertise Areas:

• Responsible for the Security Posture of the application/system via Verification
  • Performing SCAP (Evaluate STIG, Tenable Nessus, etc.)
    • NSWC IHD is not responsible for scanning via SCAP
  • Performing manual reviews via DISA STIGs/SRGs, etc. (completing the finding details/comments section)
  • Writing mitigations for open Vulnerabilities
  • Remediating open Vulnerabilities
  • Assessing the SAs with Security solutions to remediate Vulnerabilities
  • Updating/Creating POA&M/RAR
  • Creating/Updating the Authorization Boundary, Architectural Diagram, and Information Flow Diagram (NQV will leverage this information when completing the SAP)
  • Completing the Hardware and Software List (NQV will leverage this information when completing the SAP)
  • Updating Implementation Plan, Security Controls/APs/CCIs and anything WRT the RMF/RMF AO package
    • Ensuring the verbiage for the responses addresses the Security Controls/APs/CCIs.
    • If referencing documentation, ensure the document, page number, section, etc. is mentioned
• Technical planning and systems engineering to ensure IA compliance and the cyber posture with respect to availability, integrity, authentication, confidentiality, and non-repudiation of critical system information.
• Provide ACAS scanning and STIG compliance checks on various standalone and networked systems.
• Apply software patches and patch sets and upgrade software to network systems, and perform regression testing to ensure upgrades and patches have not corrupted the system.
• Technical and Network Engineering services across systems life cycle.
• Provide decision analysis, evaluation of alternatives and design and test support.
• Technical engineering services, implementing disciplined and rigorous System Engineering and Network Engineering processes.
• Day-to-day cybersecurity operations and maintenance of information technology (IT) resources including network support, server support, and policy development and enforcement.
• Conduct DoD mandated cybersecurity scans and compliance checks on various networks/systems.
  • Defense Information System Agency (DISA) Assured Compliance Assessment Solution (ACAS) scans.
  • DISA Security Technical Implementation Guide (STIG) compliance checks.
• Conduct Security Content Automation Protocol (SCAP) scans for automated STIG checks as required for validation of compliance for Navy Authorizing Official (NAO).
• Perform software updates to systems.
  • Apply software patches and patch sets during maintenance windows.
    • Includes operating system (OS) patches released from DISA and available ton DISA s patch repository website.
  • Upgrade software.
  • Conduct regression testing to ensure upgrades/patches have not corrupted the system.
• Provide analytical and technical security recommendations to other team members.
• Report any breaches of cybersecurity policies to the Information System Security Manager (ISSM) and director of the facility (i.e. unauthorized devices).
• Track security baselines and attend configuration control board (CCB) meetings dealing with infrastructure/network upgrades, including major and minor hardware/software that will potentially affect the baseline that is approved.
• Develop documentation to support ongoing system security operations, maintenance and specific problem resolution.
• Develop and update Plan of Actions and Milestones (POA&M) based off of the ACAS, SCAP and STIG artifacts for continuous monitoring assessments.

• Minimum certification as 541 (or similar as required by the Technical Instruction) at the Intermediate level per DoDD 8140.01, or successor.
• All persons performing as Privileged Users are required to have and maintain a final adjudicated Tier 5 security investigation with an IT level-1 designation in Joint Personnel Adjudication System (JPAS) and/or Defense Information System for Security (DISS).