View all jobs
CYBER SECURITY ENGINEER (ICD 503)
Mclean, Virginia · Information TechnologyNorthHill Technology Resources has a need for a Cyber Security Engineer for a newly awarded DoD Program in Mclean, VA. This role requires US Citizenship with an active TS/SCI or CI Poly Clearance.
Cyber Security Engineer
The Cyber Security Engineer provides support to the program Information Systems Security Engineer (ISSE), lending their expertise on security requirements governing design, implementation, and deployment of customer high performance compute, storage and network infrastructures. While the program Information System Security Engineer (ISSE) serves as a focal point to customer Accrediting Officials and primary advisor to the program Chief Engineer on security-related design attributes and policies affecting the accreditation of the customer’s infrastructure, the Cyber Security Engineer will be involved in the implementation and execution of security controls, certification test plans, and other activities needed to achieve and maintain system Authority to Operate. The Cyber Security Engineer may also provide COMSEC support and systems integration on-site support, where on-site could be Northern VA area or at the data center location. Must have active TS/SCI – CI Poly needed to start.
Technical Requirements
Cyber Security Engineer
The Cyber Security Engineer provides support to the program Information Systems Security Engineer (ISSE), lending their expertise on security requirements governing design, implementation, and deployment of customer high performance compute, storage and network infrastructures. While the program Information System Security Engineer (ISSE) serves as a focal point to customer Accrediting Officials and primary advisor to the program Chief Engineer on security-related design attributes and policies affecting the accreditation of the customer’s infrastructure, the Cyber Security Engineer will be involved in the implementation and execution of security controls, certification test plans, and other activities needed to achieve and maintain system Authority to Operate. The Cyber Security Engineer may also provide COMSEC support and systems integration on-site support, where on-site could be Northern VA area or at the data center location. Must have active TS/SCI – CI Poly needed to start.
Technical Requirements
- Achieving Risk Management Framework milestones leading to Authority to Operate
- Support program ISSE to Identify project security requirements, based on RMF or as
the result of security issues that put the customer’s systems at risk. - 5+ years of experience in system security certification and accreditation to include system hardening.
- Understanding/experience with Linux security, virtualization security, container
(Kubernetes) security, or network security. - Familiarity with open-source code.
- Review and analyze new system hardware and software and provide recommendations concerning system security.
- Participate in network design reviews and security testing for the customer’s networks.
- Coordinate with system development teams to ensure network security standards are followed and implemented correctly.
- Support the program ISSE in coordinating activities between engineers, program representatives, DAOs, ISSO, and other stakeholders involved in accreditation and
authority to operate/connect processes. - Review applicable document/artifacts, such as Security Requirements Traceability Matrixes (SRTMs), System Security Plans (SSPs), Disaster Recovery (DR) and other IA documentation for completeness. Provide recommendations to improve.
- Monitor and coordinate Continuous Monitoring (ConMon) activities for weekly, monthly, quarterly and annual controls
- Provide guidance and support to projects requiring ICD 503 A&A, including deployments to both standard networks and containerized (Kubernetes) IC Cloud environments.
- Work closely with Computer and Facility Security Offices to ensure NISPOM Chapter 8 and ICD 503 requirements are compliant across multiple network platforms.
- Support all phases of the A&A System Security Engineering life cycle to include
Software assessments / approvals, system hardening, creation of system CONOPs,
test plans, and development of System Security plans. - Prepare security documentation including RMMs, SCL, SSP and CTPs.
- Assist engineers and development team with securing solutions to STIGs and other standards.
- Optimize security documentation and visibility using tools such as NESSUS, HBSS, NetWitness and others.
- As required, maintain Government-provisioned Communications Security (COMSEC).
- Bachelor’s degree in computer science, networking, systems engineering or security related fields. Work experience in relevant fields may be considered for equivalency.
- Sec+ certification
- CISSP (DOD 8570) or equivalent preferred