Cybersecurity Engineer III
About the role
The Cybersecurity Engineer III supports Risk Management Framework (RMF) activities, maintains cybersecurity monitoring operations, assists with Assessment & Authorization (A&A) accreditation efforts, identifies and mitigates vulnerabilities, and ensures ongoing compliance with DoD cybersecurity requirements.
Responsibilities
- Support Assessment & Authorization (A&A) efforts for systems seeking or maintaining Authority to Operate (ATO).
- Implement, test, and validate security controls based on system categorization, overlays, and tailored requirements.
- Perform active and passive cybersecurity assessments to identify risks, vulnerabilities, and compliance gaps.
- Develop and maintain accreditation documentation, including: System Security Plans (SSPs), Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).
- Execute eMASS-required activities, such as: Quarterly IV&V Reviews, Quarterly STIG Compliance Checks, Annual Security Reviews (ASRs), Monthly POA&M Updates, ATO/ATC/IATC/IATT Submissions and Renewals.
- Maintain DISA circuit connection documentation and accreditation dependencies.
- Collaborate with system owners, ISSOs, engineers, and stakeholders to ensure cybersecurity compliance and readiness.
Requirements
- Active Secret Clearance.
- 10+ years of cybersecurity, information assurance, or incident response experience.
- Strong knowledge of: Risk Management Framework (RMF), NIST Security Controls, eMASS, DoD Cybersecurity Compliance Requirements, Vulnerability Management and Continuous Monitoring.
- Experience producing and maintaining A&A documentation.
- Ability to analyze cybersecurity findings and develop effective remediation strategies.
- One of the following certifications: CASP+, CCNP Security, CISAC, ISSP (Associate of ISC²), GCED, GCIH.
- CISSP certification preferred.
- Prior experience supporting Navy, DoD, or federal cybersecurity programs.
- Experience with STIG compliance, vulnerability assessments, and security auditing.
- Familiarity with cloud security inheritances and accredited system environments.
Qualifications
- Active Secret Clearance.
- 10+ years of cybersecurity, information assurance, or incident response experience.
- Strong knowledge of: Risk Management Framework (RMF), NIST Security Controls, eMASS, DoD Cybersecurity Compliance Requirements, Vulnerability Management and Continuous Monitoring.
- Experience producing and maintaining A&A documentation.
- Ability to analyze cybersecurity findings and develop effective remediation strategies.
- One of the following certifications: CASP+, CCNP Security, CISAC, ISSP (Associate of ISC²), GCED, GCIH.
- CISSP certification preferred.
- Prior experience supporting Navy, DoD, or federal cybersecurity programs.
- Experience with STIG compliance, vulnerability assessments, and security auditing.
- Familiarity with cloud security inheritances and accredited system environments.
Skills
- Risk Management Framework (RMF)
- Assessment & Authorization (A&A)
- Cybersecurity Monitoring & Incident Response
- Vulnerability Assessment & Remediation
- Security Testing & Compliance Auditing
- Data Analytics & Risk Assessment
- Security Documentation Development
- eMASS Administration
- DISA STIG Compliance
- IT Security & Web Security Tools
Benefits
Everforth Apex offers a comprehensive benefits package including medical, dental, vision, life, disability, and other insurance plans, an ESPP (employee stock purchase program), a 401K program with a company match, a Health Savings Account (HSA) on the HDHP plan, a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program, and other discounts. We also host an on-demand training program, provide access to certification prep and a library of technical and leadership courses/books/seminars, and certification discounts and other perks to associations like CompTIA and IIBA. We have a dedicated customer service team for our Consultants to address questions around benefits and other resources, and a certified Career Coach. For more information, see our 'Welcome Packet' within our benefits, programs, support teams, and resources.