Journeyman System Security Engineer (SSE)
Responsibilities
Provide support to PMA-268 Cyber Leads in execution of the PMA-268 Cybersecurity Program.
Coordinate with PMA-268 Cyber Leads when changes occur that might affect system’s security posture, cybersecurity authorization(s) and/or certifications.
Review system documentation to obtain and sustain Subject Matter Expert (SME) level knowledge of the system architecture, functionality and capabilities.
Conduct critical function analysis. Identify Mission Essential Functions (MEF).
Understand vulnerabilities and attack vectors that can impact the cyber posture of the systems/environment. Identify and recommend security solutions to PMA-268 Cyber Leads.
Lead system security certification and registration activities (e.g. CSfC, CDS, Cryptographic Modules).
Assist IPT ISSO with the following activities identified in the PMA-268 Cyber RMF Roles and Responsibilities chart.
- Define Information Types work with engineering to ensure the proper information types for the system(s) are identified.
- Approval of CIA identify the initial CIA impact levels for the identified information types and socialize with the Class Desk for concurrence.
- Review POA&M ensure awareness of all open findings and identify areas of concern that need to be socialized with the Class Desk when cost, schedule, or performance impacts are identified.
- Mitigation identification for open findings.
- Investigate potential issues (e.g. Open Source, foreign software).
Qualifications
- Technical or Scientific BS or BA degree from an accredited college or university.
- Minimum of seven (7) years of cyber-related experience in a DoD environment is highly desired.
- Program office experience highly desired.
- Aviation engineering experience highly desired.
- Active DoD Secret Clearance or higher is required.
Benefits
- No actions to be stagnant for longer than 2 weeks.
- Provide updates to the following Cyber Status Slide (weekly), Microsoft Planner Task Status (weekly), Task Tracker (weekly), Cyber Schedule (biweekly).
- Provide meeting summary notes for meetings attended to the PMA-268 cyber team for awareness.