Posted in

Senior Cyber Security Engineer

Senior Cyber Security Engineer

CompanyCACI
LocationBloxom, VA, USA
Salary$105100 – $231100
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior, Expert or higher

Requirements

  • Current Secret Clearance
  • Current Operating System or Networking Technology Certification
  • IT-1 Level Clearance Investigation
  • Navy Qualified Validator Certification (NQV)
  • Bachelor’s Degree
  • At least 12 years of relevant experience providing Information Assurance and Cyber Security services, at least 7 years in DOD

Responsibilities

  • Implementing and applying technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
  • Maintaining network devices and information security incident, damage and threat assessment programs to include providing intrusion support to high technology investigations in the form of network assessments.
  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and network and device security and encryption.
  • Designs, develops, or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected in accordance with mandated standards.
  • Participation in the strategic design process to translate security and business requirements into technical designs.
  • Configures and validates secure systems, tests security products/systems to detect computer and information security weakness.
  • Generation of security architecture documentation.
  • Designs and implements plans of action and milestones to remediate findings from vulnerability and risk assessments, as well as providing information assurance for digital information, ensuring its confidentiality, integrity, and availability.
  • IA maintenance to include reviewing logs, scanning for vulnerabilities, mitigation of vulnerabilities, application of patches, running virus scans, and updating virus signatures.
  • Assessing and implementing corrective actions (system patches and fixes) associated with technical vulnerabilities as part of the Information Assurance Vulnerability Management (IAVM) program.
  • Identifying, responding, and reporting security anomalies and integrity loopholes such as system weaknesses or vulnerabilities by reviewing Security Event and Incident Management (SEIM) tools and syslogs.
  • Troubleshooting, maintaining, repairing, managing access control, and analyzing logs for RDT&E networks, information technology, and telecommunication systems.
  • Tracking and reporting certifications of system technicians to the SCSC Information Systems Security Officer (ISSO).
  • Maintaining Privileged Access to information technology systems in accordance with US Navy Cyber Policy.
  • Cyber Security Engineering and IA for A&A technical support and documentation services to assist SCSC in the technical management, administration and execution of program tasks pertaining to the A&A, security, and compliance of SCSC IT infrastructure, systems, and solutions.
  • IA engineering, technical, and administrative services for SCSC IT infrastructure, including future products, services, and technologies.
  • Reviewing and updating network administrative documentation for SCSC information systems and prepare the IT/IA Management Plan.
  • A&A documentation and supporting material for existing and new systems. Validate A&A packages meet compliance requirements and provide reports. Generate A&A POA&Ms for accredited systems. Enter Government approved data into Navy approval system.
  • Reviewing vulnerability and scanning reports to liaise with Systems Administrators to resolve inconsistencies and assess, remediate, and mitigate vulnerabilities.
  • Maintaining and recommending IAVM and SEIM tools to make processes more efficient.
  • Reviewing network and system audit logs and notify the client of potential threats or misconfigurations.
  • Supporting documentation and policy transition to National Institute of Standards and Technology (NIST) Risk Management Framework process.
  • Collect evidence, sanitize systems, and prepare documentation for electronic Incidents and Spillages.
  • Maintaining the Cybersecurity Workforce (CSWF) list that identifies those individuals who are IA trained and certified.

Preferred Qualifications

  • Current Top Secret Clearance
  • IAM Level III or IAT Level III Certification as required by DODD 8570