Description:
The System Security Engineer's primary function is working within Special Access Programs (SAPs) supporting SMC and AFSPC acquisition programs. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities to meet NIST Cybersecurity requirements for system Assessment & Authorization.
Performance shall include:
- Serve as the RMF Cybersecurity Specialist for the organization's systems.
- Maintain day-to-day security analysis of RMF packages to ensure timely updates and notifications.
- Update RMF Security Control Families as required and properly process through eMASS.
- Maintain a thorough understanding of NIST 800-53 and NIST 800-171 controls, determine which controls are applicable to the application, and document implementation in the Security Controls Traceability Matrix.
- Provide support and recommendations to Program Managers and Security Authorities to maintain appropriate information assurance (IA) posture(s) for programs and systems.
- Conduct reviews to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
- Monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
- Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g. IA SOP, SSP, MSSP, RAR and SCTM).
- Perform oversight of the development, implementation and evaluation of information system security program policy, with special emphasis placed upon integration with existing SAP network infrastructures.
- Develop and provide IA risk management recommendations to the customer.
- Represent the Government Program Manager in various SSE-related working groups, advisory groups, and advisory council meetings.
Requirements:
Experience:
6-8 years total experience, including minimum 4 years' experience within SCI or SAR environment. Minimum 2 years of SAP relevant experience highly desired.
Education:
Bachelor's degree in a related discipline or equivalent additional experience (4 years)
Certifications:
Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 1 and Information Assurance Manager Level 2 within 6 months of the date of hire
Security Clearance:
- Current Top Secret Clearance with SCI Eligibility
- Eligibility for access to Special Access Program Information
- Willingness to submit to a Counterintelligence polygraph
Other Requirements:
- Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents
- Full understanding of Risk Management Framework (RMF) and Joint SAP Implementation Guide (JSIG) processes for system accreditation, along with legacy (DITSCAP, DIACAP) processes
- Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners
- Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)
- Possess a high degree of originality, creativity, initiative requiring minimal supervision
- Willingness to travel within the organizational Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation)