cybersecurity

Cybersecurity/ IA Engineer

Last Updated: December 10, 2023By

Job title: Cybersecurity/ IA Engineer

Company: Sev1Tech

Job description: Overview/ Job Responsibilities

Sev1Tech is seeking a highly motivated and dedicated Cybersecurity/Information Assurance Engineer to support PEO IEWS HQ SETA. The engineer will be a subject matter expert on Cybersecurity/Information Assurance activities based upon a comprehensive knowledge of the principles, policies such as DoD Instruction 8500.01, DoD Instruction 8510.01, AR 25-1 and AR 25-2, pertinent laws, regulatory requirements and procedures applicable to each PEO IEW&S program management office, PEO IEW&S HQ staff, and other external organizations.

The Cybersecurity/Information Assurance Engineer responsibilities include:

  • Reviewing Cybersecurity packages (DICAP/RMF) for content and presentation of evidence of proper implementation of Cybersecurity requirements for the Designated Approving Authority (DAA/AO).
  • Providing feedback and consultation to Information System Security Officers (ISSO’s) to ensure that Authorization to Operate (ATO), Interim Approval to Operate (IATO), Interim Authority to Test (IATT), and Approval to Connect (ATC) packages meet the PEO standard.
  • Providing technical expertise to PMs in developing Cybersecurity Strategies (CSSs) as required by the Clinger-Cohen Act and DoD Acquisition policy, coordinating these CSSs with HQDA for Army CIO/G6 Approval in order to support major milestone decisions, IEW&S Staff, CECOM Staff, other agencies, and Warfighters in the field as they relate to Cybersecurity for PEO IEW&S Tactical and Developmental systems. (Such as: Public Key Infrastructure & Host Based Security Systems waivers & exemptions, Windows XP, Vista, and Server 2003 elimination.)
  • Assurance accreditation status, and providing portfolio (acquisition) management oversight of all the Program Manager’s projects, for FISMA (Federal Information Security Management Act) compliance.
  • Managing and maintaining on-line repository of current PEO IEW&S Authorization and Accreditation (A&A) documentation within all cybersecurity repositories (eMASS, Xacta), and the Army Knowledge On-line (AKO)-SIPRNET.
  • Providing Cybersecurity engineering subject matter expertise
  • Consulting with PM staff with regard to the implementation of the Risk Management Framework (RMF) and associated security controls.
  • Serving as a subject-matter expert for the implementation of component-level policy, coordinate exceptions to policy at the headquarters level for tactical equipment and mission requirements.
  • Identifying cybersecurity requirements for systems in acquisition or development to comply with published RMF requirements, Cyber Tasking Orders (CTOs), Security Technical Implementation Guides (STIGs), policies, and analyze the requirements development and design process across the program offices of PEO IEW&S.
  • Providing leadership portions of Army vulnerability management and Assess and Authorization (A&A) processes, including analyzing, reviewing, or verifying Plans of Action and Milestones (POA&Ms), evaluating the overall risk posed by vulnerabilities to Army missions, networks, and data, and making recommendations to the Authorizing Official.
  • Leading A&A activities within established timelines, recommending courses of action for program managers and system owners to ensure compliance with FISMA, DoD and Army standards, and policy, and maintaining an acceptable level of risk.
  • Developing cybersecurity education, training, mitigation strategies, and cybersecurity awareness at the headquarters level.
  • Developing processes to assist the Army in the development and lifecycle of information system packages; this includes creating templates and ‘how-to’ guides for implementing waivers, documents, and other important system artifact requirements.
  • Serving as a subject matter expert to provide technical guidance and recommendations to staff, stakeholders and leadership on all aspects of cybersecurity.
  • Overseeing product teams to ensure cybersecurity objectives are met.
  • Planning, executing and providing technical expertise in obtaining ATO or appropriate interim authorities.

Minimum Qualifications

  • Must have a TS/SCI level clearance
  • Minimum five (5) years related work experience as a Cybersecurity/Information Assurance Engineer

Bachelor’s Degree

CISSP+ Certification * Experience with the eMASS software tool

  • Experience with the Risk Management Framework (NIST 500-XX)

About Sev1Tech LLC

Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies. Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression. Please apply directly through the website at: #joinSev1tech

For any additional questions or to submit any referrals, please contact:

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Expected salary:

Location: Aberdeen, MD

Job date: Thu, 07 Dec 2023 01:43:23 GMT

Apply for the job now!

Leave A Comment