blog.nvalabs.org

Security Systems Engineer Job at Sev1Tech

Sev1Tech United States

Job Information

  • Date Posted
    2023-05-15
  • Location
    United States
  • Job Title
    Security Systems Engineer
  • Gender
    Both
Overview/ Job Responsibilities:
  • Provide technical support to develop and deliver IT business solutions System Security Authorization Agreement (SSAA) to achieve A&A approval of IT Support systems IAW Risk Management Framework (RMF) and other Naval Guidance.
  • Perform Steps 1 through 6 in accordance with the latest edition of the RMF Process Guide.
  • Develop all documents required for Steps 1 through 6.
  • Populate program’s eMASS package with test results, and POAM items as necessary.
  • Coordinate with the NQV, PSO, and PM concerning RMF requirements and issues
  • Utilize eMASSter for ACAS, STIG, and SCAP testing analysis.
  • Meet all CSWF requirements for Navy ISSE.
  • Develop Security Requirements Traceability Matrix (STRM), aligning security requirements with the individual components of a system.
  • Provide automated and manual validations of Information Assurance Controls (IACs) and Validation Procedures (VPs) in accordance with the DoD Guidelines, CNSSI 1253 and/or NIST 800-Publications.
  • Coordinate with system owners and development teams concerning RMF process and solutions.
  • Produce documentation about IA Controls for application development team support and provide guidance on IA Control mitigation.
  • Utilize eMASS and ensure all checks of systems and applications for IA vulnerabilities using approved automated IA tools (ACAS, SCAP-compliant scanners, DISA STIG Viewer, etc.), custom scripts and manually (Security Technical Implementation Guides [STIGS]) is documented.
  • Document raw findings in a quick look report, for customer notification. Create and maintain system Plan of Action and Milestones (POA&M).
  • Produce weekly security briefs and reports for delivery to stakeholders and senior management.
  • Review cloud, commercial, and government system cybersecurity implementation, document/assess results, and provide a recommendation concerning risk and authority to operate.
  • Consult on current RMF status to achieve an ATO award and upcoming projects covering all levels of IT Security
  • Maintain awareness of changing Navy RMF guidance.
Minimum Qualifications:
  • US Citizenship Required.
  • Most Hold Active DoD Secret Clearance.
  • Valid Security+, CISSP, or equivalent certification (Minimum: DoD 8570.1-M IAT Level II).
  • Minimum fourteeen (14) years of experience in information technology, software engineering and application software, development for C4ISR systems or other federal agency IT Systems to include: Technology Analysis and Assessment, Requirements Definition, Design Definition, Development of Systems Specification, Systems Analysis, Systems Architecture, Software Development, Verification and Validation, Writing technical documentation, procedures and/or guidelines, Training, Systems/Equipment Integration, Production Release or Installation.
  • Knowledge of the overall Risk Management Framework and NIST compliance as a security professional.
  • Experience performing/reporting risk assessments and audits.
  • Experience using eMASS, STIGViewer, eMASSTer and other DoD approved tools (ACAS, SCAP-compliant scanners, etc.).
  • Must possess experience leading RMF (Risk Management Framework) to ATO (Authority to Operate) processes on both IA systems in Development and Production.
  • Must have experience with DoD-specific (Department of Defense) Information Assurance protocols, policies, & procedures.
  • Experience presenting to clients or management to present technical and non-technical information to allow key personnel to make informed decisions.
Minimum Clearance Requirements: Active Secret Clearance
Desired Qualifications:
  • Understanding of Federal Information System Controls Audit Manual (FISCAM) methodology, control activities, techniques, and execution in support of audit readiness.
  • High-level knowledge of DevSecOps and cloud (AWS or similar) within a DoD environment.
  • Experience performing in an Information Assurance or Cyber Security capacity working with DevOps or DevSecOps engineers within cloud environments (AWS, Azure, PCF or similar).
  • Experience with Continuous-ATO.
  • Understanding of cyber defensive architecture and technologies required to protect, detect, and respond to cyber threats.
About Sev1Tech LLC:
Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies. Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression. Please apply directly through the website at: https://www.sev1tech.com/careers/ #joinSev1tech

For any additional questions or to submit any referrals, please contact: Melissa.Harner@sev1tech.com

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.



Please Note :
blog.nvalabs.org is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, blog.nvalabs.org provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.
Top Jobs

Related Jobs