System Security Engineer
San Diego, California
Cask Technologies
Candidate will be providing Information Security Analytics Support to Command, Control, Communications, Computers, Combat Systems, and Intelligence (C5I) / Cyber Readiness Program Mission and Infrastructure Support Services to Commander, Naval Surface Forces, Pacific (CNSP) N6 Department Staff and Divisions. Specific duties are listed below.
Responsibilities
- Provide cybersecurity and Risk Management SME(s) with documented experience, capabilities, training, and technical certification in accordance with DoD 8140 and SECNAV 5239 requirements
- Proven experience in Assured Compliance Assessment Solution (ACAS) scanning procedures and Security Center development
- Proven experience in Host Based Security System (HBSS) to include policy development and tuning for all DOD-mandated point products
- Patching experience for both Windows and Linux systems.
- Risk Management Framework (RMF) Support. Perform RMF support in accordance with DoDI 8510.01 “Risk Management Framework (RMF) for DoD Information Technology, including control validation, documentation development and support, Navy Approving Official (NAO) coordination assistance, and continuous monitoring support, as required, for CNSP Centrally Managed Programs (CMPs).
- Develop and maintain the cybersecurity architecture of the CMP, perform Business Case Analysis (BCA) development, and perform required site surveys for both site and system Authority to Operate (ATOs).
- Perform all required and approved Information System Security Engineer (ISSE) RMF process steps including the following:
- Overseeing the development and maintenance of a system’s cybersecurity solutions
- Identifying system type (IS, PIT, IT product, IT service) and any special considerations including multi-service/agency, joint, cross domain, Privacy Impact Information (PII), Protected Health Information (PHI), tactical, space, etc., to support RMF Step 1 System Categorization.
- Identifying the security control baseline set and any applicable overlays and tailoring
- Perform development, maintenance, and tracking of the SP.
- Perform security control implementation and testing efforts.
- Initiating the Risk Assessment Report (RAR).
- Perform security testing required as part of Authorization and Accreditation (A&A) or annual reviews, to include scanning, patching, and HBSS implementation and policy development.
- Mitigate and close open vulnerabilities under the system’s change control process
- Participate in any related meetings or teleconferences with assessors, validators, or approving authorities to support A&A requirements.
- Develop the documents required for Authority to Operate (ATOs) decisions and maintaining compliance.
- Support eMASS, DITPR-DON, and DADMS entries for CMPs.
- Support VRAM tracking, acknowledgment, and scanning, as required, for CMPs.
- Command Policy development. Perform research and development of command cybersecurity and information assurance policies under the Force ISSM’s purview.
- Inspection support. Perform research and development of requirements and processes for command cybersecurity and information assurance inspections.
- Develop briefs, checklists, and documentation necessary to self-assess and conduct inspection requirements.
- Spillage and SITREP Support. Provide track command Situation Report (SITREP) actions, reports, and submittals.
- Perform e-spillage coordination, tracking, and reporting.
Requirements
- Must possess and maintain an active U.S Government SECRET Clearance.
- Bachelor’s Degree preferred but not required.
- Strong leadership, organizational, planning, communication, and time management skills; the ability to multi-task and work against strict deadlines is critical.
- Strict attention to detail – must be detail oriented.
- Availability and willingness to lift materials up to 50 lbs., and perform squatting, kneeling, and extended standing.
- Ability to travel occasionally, up to 25%.
- Must possess and maintain IAT Level 2 (e.g. CompTIA Security+ CE).
Preferred Technical Skills
- Possess the requisite training, experience, and/or certifications necessary to perform Risk Management and Information Systems Security functions in accordance with DOD and DON requirements.
- Competent in Microsoft Office, MS Project, and MS Outlook.
- Familiarity with MS TEAMS.
- Proven experience in Assured Compliance Assessment Solution (ACAS) scanning procedures and Security Center development
- Proven experience in Host Based Security System (HBSS) to include policy development and tuning for all DOD-mandated point products
- Patching experience for both Windows and Linux systems.
- Familiarity with eMASS portal
- Familiarity with DITPR-DON / DADMS portal
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ACAS Analytics Clearance Compliance CompTIA DoD DoDD 8140 eMASS ISSE Linux Monitoring Privacy Risk assessment Risk Assessment Report Risk management RMF Travel Vulnerabilities Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs