TRIAEM supports our federal customer who plays a key role in providing direct cybersecurity engineering support. This program provides systems and security engineering and integration support to specific Government-sponsored projects, pilots and prototypes. This includes solution planning and engineering, defining security requirements, target architecture, interoperability and integration, system testing, Verification and Validation, Modeling and Simulation, studies and analysis, post-deploymen... more details
Job Description
TRIAEM supports our federal customer who plays a key role in providing direct cybersecurity engineering support. This program provides systems and security engineering and integration support to specific Government-sponsored projects, pilots and prototypes. This includes solution planning and engineering, defining security requirements, target architecture, interoperability and integration, system testing, Verification and Validation, Modeling and Simulation, studies and analysis, post-deployment security validation (PDSV), and project risk management. As part of this effort, you will serve as an Information Systems Security Officer who will support the Agile Release Trains (ART) in defining security requirements, translating RMF related governance and policies as well as supporting the reduction of cybersecurity risks to our customer's environments.
As an Information Systems Security Officer (ISSO), your responsibilities will include:
Managing all aspects of an organization's information security system, for classified and unclassified systems, including researching, testing, training and implementing programs designed to safeguard sensitive information from any possible breaches.
Understanding the Risk Management Framework (RMF), and how risk management is executed, what risk means, and how to analyze it.
Spearheading Authority to Operate (ATO) and/or Authority to Proceed (ATP) efforts while making independent recommendations to Government Leads during these processes.
Conducting risk analysis from vulnerability and compliance scans, pen testing results, or other audit activity.
Creating written works to include but not limited to Plan of Action and Milestones, System Security Plans, System Specific Policies and Procedures, Configuration Management Plans, Contingency Plans and Test Results, Business Impact Analyses, and Security Impact Analyses.
Participating in Agile Planning Events to provide technical input.
Required Education, Experience, & Skills
Bachelor’s degree and 7+ years work experience or equivalent experience or 10 years related work experience, to include:
Being a self-starter who’s able to work in both independent and team environments while building work relationships with SMEs across divisions. Additionally, must be comfortable with cyber security and able to brief issues to the customer.
The ability to articulate and provide a true and accurate status update on government IT systems security posture as well as overall system health to the customer in a clear and concise manner.
Experience executing the NIST Risk Management Framework (RMF) and applying security practices found in NIST publications. (i.e. SP 800-53, SP 800-30, SP 800-60, FIPS 199, FIPS 140-2, etc.)
Experience documenting System Security Plans to include security control implementation statements.
Experience conducting periodic reviews of implementation statements to ensure persistent compliance with applicable government and agency level policies in addition to ISO and NIST standards.
Experience validating the implementation of security controls within a cloud environment (AWS or Azure).
Supporting the security assessment and authorization (or ATO) process.
Analyzing testing results from scans, audits, penetration tests, or other test efforts to determine risk levels.
Hands-on experience with vulnerability management tools such as Tenable Nessus and Security Center.
Conducting Continuous Monitoring and maintaining the security posture of IT systems within on-prem, cloud, and hybrid environments.
Knowledgeable on one or more cloud computing services and technologies including but not limited to: AWS, Microsoft Azure, VMware, etc.
Familiarization with the Microsoft Office 365 Suite. (i.e. Word, PowerPoint, SharePoint, Excel, etc.)
Preferred Education, Experience, & Skills
Cyber program experience within federal customer space a plus!
Familiarization with Scaled Agile Frameworks (SAFe), agile development principles, and DevSecOps methodologies are a plus!
Experience with managing vulnerabilities on virtualized IT systems and assets or virtual machines (i.e. VDI and VMware.) is a plus!
Experience with SAFe Agile tools like Jira, Jira Align, or ServiceNow.
Certifications such as CISSP, CCSP, AWS, Microsoft Azure, CISA, CAP, and SAFe 6 are highly desired.
Clearance:
Secret and ability to acquire a TS
Location:
Hybrid and onsite location is Sterling when required
Job Abstracts is an independent Job Search Engine. Job Abstracts is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Job Abstracts uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder. Job Abstracts does not have its members apply for a job on the jobabstracts.com website. Additionally, Job Abstracts may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.
Welcome to Job Abstracts
We would like to take a second to Welcome You to Job Abstracts, the nation’s largest Pure Job Board. With over 3.1 million job listings from 15,000+ Companies & Organizations, we help job searchers find careers that match their interests. As an anonymous user, you have probably discovered how easy our system is to use. However, you have just scratched the surface of what we can offer.
We encourage you to Register so you can use our most powerful features: searching with multiple terms, setting up multiple locations, establishing favorite companies, and accessing your search history. If you find a job you like, you can apply directly for it, and then, keep notes on it. We will also keep a lookout for jobs that match your search terms and email you when we find something you may like.
You can register for free and the system is free to use. If you like our system so far, click on Register and unlock the power required by serious job searchers.
Any time you conduct a search, the system shows you job matches, ranked by their Relevance Score (RS).
The score is calculated by a proprietary algorithm that uses Intelligent Machine Learning.
The Relevance Score tells you how well the job opportunity matches your search term or terms.
When not logged in, the system is limited to one search term. Scores for single term matches are usually lower.
When you register, log in, and set up multiple terms prioritized by importance, the jobs found for you will receive a much higher Relevance Score.