ASEC3 is seeking Cyber Security Project Engineer to act as a technical management resource for information system security matters. Provides technical and programmatic Cyber Security and Information System Security Management Services to internal and external
customers in support of network and information security systems.
Candidates must already possess a current and active TS/SCI with Poly clearance to be considered for this position.
- Ensures the development and implementation of information security policy, requirements, and procedures within an organization’s business processes.
- Reviews documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework).
- Provides assessment and authorization (A&A) management support by guiding the development of all documentation necessary to complete the A&A process to include system security plans, contingency plans, and other associated documentation.
- Conducts complex vulnerability assessments to include; development of risk mitigation strategies with the customer; adjudicating based on assessing the vulnerabilities, threats, and risk associated with assessment. Reviews system configurations and scan tool results in order to determine system compliance and report results.
- Analyzes policies and procedures against Federal laws and customer regulations and provides recommendations for closing gaps.
- Develops strategies to comply with privacy, risk management, and e-authentication requirements.
- Provides cyber security and information system security support for the development and implementation of security architectures to meet new and evolving security requirements.
- Evaluates, develops and enhances security requirements, policy and tools.
- Provides assistance in computer incident investigations. Performs vulnerability assessments including
development of risk mitigation strategies.
- Requires 12 to 15 years with BS/BA or 10 to 13 years with MS/MA or 7 to 9 years with PhD
- Candidate shall demonstrate strong experience with customer’s Assessment and Authorization (A&A) process (e.g. RMF, NIST800-53, ICD503)
- Candidate shall demonstrate strong understanding of Cyber Security Policies
- Candidate shall have strong understanding of Networks and IT systems
- Candidate shall demonstrate strong communication skills
- Candidate shall demonstrate experience working with and across teams and handling multiple projects at once.
- Candidate shall demonstrate understanding of strong security practices and working with Security Officers
- Candidate should have accreditation tool experience (e.g., Xacta, Nessus, AppDetective, WebInspect)
- Candidate should have professional certifications (e.g., CISSP, CISM, CASP, CISA, Security+)
We are an Equal Opportunity/Affirmative Action Employer.
We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. Equal Opportunity Employer Minorities/Women/Vets/Disabled.