Jobs · Information Technology · Massachusetts

Senior Cyber Security Engineer/Information Systems Security Manager (ISSM)

Modern Technology Solutions, Inc. (MTSI) · Hanscom AFB, MA · 2 wk ago
Information TechnologyFull-time

Responsibilities

  • Participate in acquisition meetings (PMR, PDR, CDR, etc.), concept of operation (CONOP) working groups, change boards, technical exchange meetings and other similar activities.
  • Work between architecture-level and implementation-level engineering meetings to maintain a system-wide view of security functions and apply risk mitigation strategies at the appropriate level.
  • Advises customer on Risk Management Framework (RMF) assessment and authorization issues.
  • Develops and implements a security assessment plan.
  • Performs risk assessments and makes recommendations to DoD agency customers.
  • Advise government program managers on security testing methodologies and processes.
  • Evaluate authorization documentation and provide written recommendations for authorization to government PM's.
  • Develop and maintain a formal Information Systems Security Program.
  • Ensure that all IAOs, network administrators, and other cyber security personnel receive the necessary technical and security training to carry out their duties.
  • Develop, review, endorse, and recommend action by the AO or DAO of system assessment documentation.
  • Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media.
  • Develop and execute security assessment plans that include verification that the features and assurances required for each protection level function.
  • Develop policies and procedures for responding to security incidents, to include investigating and reporting security violations and incidents.
  • Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system.
  • Ensure that data ownership and responsibilities are established for each authorization boundary, to include accountability, access rights, and special handling requirements.
  • Develop and execute an information security education, training, and awareness program, to include attending, monitoring, and presenting local cyber security.
  • Assess changes in the system, its environment, and operational needs that could affect the authorization.
  • Achieve a valid Authorization determination for all authorization boundaries under your purview.

Requirements

  • 12+ years' technical experience in cybersecurity, information technology with focus on cybersecurity implementations.
  • Firm understanding of the DoD 8500.1-M, DoDM 5205.07, Volume 1, Joint SAP Implementation Guide (JSIG), National Institute of Standards and Technology (NIST) Special Publication 800-53, Intelligence Community Directive (ICD) Number 503.
  • Experience with EMASS, XACTA or equivalent RMF tools.
  • PIT/Platform experience.

Qualifications

  • Bachelor’s degree in engineering, computer science, cybersecurity, networking, or programming.
  • In one or more of the following certifications: Certified Information Systems Security Professional (CISSP or CISSP-ISSEP/CISSP-ISSAP).

Certification Requirements

  • Must meet position and certification requirements outlined in DoD Directive 8140 for Information Assurance Manager Level II.

Clearance Requirements

  • Active Top-Secret clearance with SCI and SAP eligibility.
  • SAP experience desired.

Similar jobs