Job Title: Cyber Security Engineer
Posted by: Logistics Systems Inc on Sep 03, 2020
Location:
Remote , DC 20005Job Description:
Experience:
Five (5) years of relevant C&A; Risk Management Framework (RMF), DOD cybersecurity experience
Experience in assessing security controls and conducting authorization reviews for large, complex organizations
Serves as a Cyber-Security Subject Matter Expert (SME)
Job Description:
Serves as a cybersecurity Subject Matter Expert (SME) with regards to the Authorization of information systems and all associated cybersecurity policies and procedures.
Fully versed in the general tenets supporting the overall DOD implementation of its authorization process, including supporting cybersecurity policy, procedures, and processes.
Performs a DOD cybersecurity process while either authorizing an information system or serving as an SME for an information system undergoing authorization.
Possess an understanding of how the security controls identified in the NIST 800-53 to apply to the process of assessing and authorizing a large organization's IT infrastructure such as DLA's, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes.
Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system's current or future authorization. Required to brief senior management on the progress or results of an information system undergoing the authorization process.
The following are a sample of the cybersecurity activities and tasks that will be performed by the candidate to maintain the security posture of networks, information systems, and applications:
Draft documentation as applicable (i.e. System Security Plan (SSP))
Categorize and register systems
Execute Common Control Analysis
Draft system-level continuous monitoring strategy.
Conduct reviews and analysis of the security plan and continuous monitoring strategy
Implement control solutions consistent with DoD and DLA cybersecurity architectures.
System Technical Implementation Guide (STIG) configuration execution and/or validation.
Develop and execute a security assessment plan.
Assess and validate security control compliance.
Draft supporting assessment documentation (Security Assessment Report (SAR), Risk
Assessment Report (RAR), etc.).
Execute initial remediation actions
Submission of the Security Authorization Package (i.e. Security Plan, Security
Assessment Report (SAR), and POA&M) to the Authorization Official (AO).
Determine the impact of changes to the system and environment (Software Life Cycle (SLC) monitoring).
Cybersecurity Vulnerability Alert (IAVA) monitoring (i.e. Execution, results analysis, compliance determination, POA&M documentation, resolution monitoring).
Assured Compliance Assessment Solution (ACAS) scan monitoring (i.e. Common
Vulnerabilities and Exposures (CVE's) (i.e. Execution, result analysis, compliance determination, POA&M documentation, resolution monitoring.
Assess selected controls at least annually and in accordance with DLA continuous
monitoring program and/or as determined by regulatory and statutory auditing requirements
Logistics Systems Incorporated is an Equal Opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, national origin, color, religion, sex, sexual orientation, gender identity and expression, disability, protected veteran status, or any other protected class.
Five (5) years of relevant C&A; Risk Management Framework (RMF), DOD cybersecurity experience
Experience in assessing security controls and conducting authorization reviews for large, complex organizations
Serves as a Cyber-Security Subject Matter Expert (SME)
Job Description:
Serves as a cybersecurity Subject Matter Expert (SME) with regards to the Authorization of information systems and all associated cybersecurity policies and procedures.
Fully versed in the general tenets supporting the overall DOD implementation of its authorization process, including supporting cybersecurity policy, procedures, and processes.
Performs a DOD cybersecurity process while either authorizing an information system or serving as an SME for an information system undergoing authorization.
Possess an understanding of how the security controls identified in the NIST 800-53 to apply to the process of assessing and authorizing a large organization's IT infrastructure such as DLA's, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes.
Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system's current or future authorization. Required to brief senior management on the progress or results of an information system undergoing the authorization process.
The following are a sample of the cybersecurity activities and tasks that will be performed by the candidate to maintain the security posture of networks, information systems, and applications:
Draft documentation as applicable (i.e. System Security Plan (SSP))
Categorize and register systems
Execute Common Control Analysis
Draft system-level continuous monitoring strategy.
Conduct reviews and analysis of the security plan and continuous monitoring strategy
Implement control solutions consistent with DoD and DLA cybersecurity architectures.
System Technical Implementation Guide (STIG) configuration execution and/or validation.
Develop and execute a security assessment plan.
Assess and validate security control compliance.
Draft supporting assessment documentation (Security Assessment Report (SAR), Risk
Assessment Report (RAR), etc.).
Execute initial remediation actions
Submission of the Security Authorization Package (i.e. Security Plan, Security
Assessment Report (SAR), and POA&M) to the Authorization Official (AO).
Determine the impact of changes to the system and environment (Software Life Cycle (SLC) monitoring).
Cybersecurity Vulnerability Alert (IAVA) monitoring (i.e. Execution, results analysis, compliance determination, POA&M documentation, resolution monitoring).
Assured Compliance Assessment Solution (ACAS) scan monitoring (i.e. Common
Vulnerabilities and Exposures (CVE's) (i.e. Execution, result analysis, compliance determination, POA&M documentation, resolution monitoring.
Assess selected controls at least annually and in accordance with DLA continuous
monitoring program and/or as determined by regulatory and statutory auditing requirements
Logistics Systems Incorporated is an Equal Opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, national origin, color, religion, sex, sexual orientation, gender identity and expression, disability, protected veteran status, or any other protected class.
Education Level:
Bachelors degree or higher
Pay Rate:
Commensurate with experience
HR. Website URL:
https://logistics-sys.com/current-openings/
Security Clearance:
Secret
Travel Requirements:
None
Sign Up to Apply to this position
(if you already have a CGO account, just press the button below)
About Logistics Systems Inc
LSI is a mature Service-Disabled Veteran Owned Small Business (SDVOSB) providing large company capabilities with the agility and flexibility of a small business. LSI understands the importance of a solid business infrastructure and offers disciplined management processes with CMMI Level 3 and ISO 9001:2015. We are best known for excellence in Enterprise IT and Business Solutions. We currently serve the National Security and Federal Law Enforcement missions for US Army, Department of Justice, Homeland Security, and Health and Human Services. Visit LSI’s career page at logistics-sys.com
Please visit this employer's Public Profile to see more jobs offered by Logistics Systems Inc