Cyber Security Engineer

Posted Date 2 months ago(4/6/2021 12:19 PM)
Job ID
2021-3459
Location
US-VA-Quantico
Clearance Required
Yes
Other Clearance
Top Secret

Position Description

 

XLA is looking for a Cyber Security Engineer with management experience that has experience running a SOC within the DoD and have managed the Security Operations Team.

 

The responsibilities and duties include:

 

  • Follow DoD and DoN guidance and instruction specifically, DoD Instruction 8510.01, Risk Management Framework (RMF).
  • IT Security Incident Response support services respond to and report all IT incidents, ranging from security violations (i.e., information spillage and unauthorized usage) to suspicious activity reports.
  • Perform monthly vulnerability scans utilizing DoD/DoN mandated practices and software utilities. Monthly vulnerability scans must be performed using Security Content Automation Protocol (SCAP) tools and Assured Compliance Assessment Solution (ACAS) tool.
  • Perform monitoring and reporting using CYBER SECURITY detection suites including Firewalls, Intrusion Detection Systems/Intrusion Protection Systems (IDS/IPS), Host-Based Security System (HBSS), and Security Event Management Systems (SEM).
  • Report all vulnerabilities to DoN authorities as required/mandated.
  • Document the infrastructure, services, and applications consistent with DoD Risk Management Framework (RMF).
  • Coordinate with NEN cyber security personnel on cyber security policies, procedures, issues, problems, risks, and incidents.
  • Develop, maintain, and monitor the necessary artifacts for RMF package submission to receive Authorization to Operate (ATO) or ATO w/conditions.
  • Respond, coordinate, and collect all artifacts associated with all suspected or validated system and/or network suspicious activities, discovery requests, intrusions, and spillages, as specified by Fleet Cyber Command directives with proper DoN and DoD authorities.
  • Participate in the development and support of the Insider Threat Program.
  • Ensure Government personnel are aware of continuing education requirements and deadlines. Ensure Contractor personnel meet continuing education requirements and deadlines such that cyber security certifications are maintained.
  • Monitor and execute compliance as defined by On-Line Compliance Reporting System (OCRS) for the DoN. Monitor and execute compliance as defined by Vulnerability Remediation Asset Manager (VRAM) for the DoN.
  • Update and validate policies, processes, and SOPs in accordance with DoN and DoD policies and regulations.
  • Complete and submit all DoD, DoN compliance reports within the designated timeframes.
  • Maintain and review all artifacts associated with the Cyber Security Program for transparent access by the ITD.
  • Update all relevant cyber security policies and procedures as needed and as required.
  • Respond to 24/7 mission critical incidents onsite or remotely within a two-hour window.
  • Ensure policy and processes are being performed and/or perform Security Technical Implementation Guidelines (STIGs), patches, and updates, as needed/required.
  • Ensure all ITD solutions meet or exceed all CYBER SECURITY accreditation requirements.
  • Ensure that all mandated documentation is created or updated during any corrective or improvement cycle and properly submitted to the CM library.
  • Standardize technical standards and development practices.
  • Continually review policies and process looking for efficiencies in the creation, review, and submission of accreditation packages reducing the time to achieve ATO from the Navy Authorizing Official (NAO).
  • Provide support for ITD incident management responsibilities which include the gathering, analysis, responding to DoN and/or DoD alerts on suspicious and/or inappropriate activity on networks/systems. Ensure government leadership is notified of incidents within an hour of the event and provided updates on established schedules as necessary.
  • Ensure a secure, certifiable infrastructure, core services, and applications are maintained and vulnerabilities are mitigated in compliance with DoD and DoN requirements.
  • Ensure defense-in-depth to include integrity, availability, authenticity, confidentiality, and non-repudiation of information is accomplished.
  • Ensure all security incidents ranging from suspicious activity to security violations (e.g., information spillage and unauthorized usage) are promptly reported and addressed.
  • Ensure multiple security countermeasures to protect the integrity of information assets are executed.
  • Ensure contractor performance has been benchmarked and compared to industry peers (i.e., meeting or exceeding industry standards).
  • Ensure strengths and weaknesses in Information Assurance functional area are identified and addressed as appropriate.
  • Ensure underlying drivers of performance gaps have been diagnosed, if applicable.
  • Ensure performance improvements have been prescribed.
  • Ensure system and applications approval processes and timelines are streamlined.
  • Ensure infrastructure continually meets or exceeds current compliance rating which is based off of the DoN Command Security Inspection (CSI) or DOD Command Cyber Readiness Inspection (CCRI) programs/ CCORI program and requirements.

Requirements

Requirements:

 

  • Must have an active Top Secret clearance
  • PMP certification is a plus

 

EEO Statement

 

EEOC: XLA is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed