CSfC Information Assurance Engineer, Mid

Key Role:
Support ongoing Certification and Accreditation (C&A) and Commercial Solutions for Classified (CSfC) activities for a DoD mobility program. Maintain responsibility for C&A activities, including conducting security risk assessments of systems and equipment, assisting engineers with identifying security solutions for vulnerabilities, analyzing and mapping DoD Security Technical Implementation Guides (STIGs) for system infrastructure components and mobile devices, maintaining and adhering to CSfC requirements, submitting change requests for mobile device management (MDM) and mobile application store (MAS) components, analyzing a Plan of Action and Milestones (POA&M), creating and updating documentation to support Risk Management Framework (RMF) accreditations, performing vulnerability management using DoD tools in conjunction with the Assured Compliance Assessment Solution (ACAS) data feeds, and submitting RMF packages using the Enterprise Mission Assurance Support Service (eMASS). Interact with clients to perform technical audits. Brief technical Cybersecurity postures to client leadership, prepare brief slides and a summary of vulnerabilities, and articulate how to prevent and mitigate future Cyber threats, as required. This position is located in Fort Meade, MD.

Basic Qualifications:
-5+ years of experience with C&A of DoD systems
-2+ years of experience with analyzing and evaluating security documentation regarding mobile device systems, including system security plans, contingency plans, security procedures, and continuity of operations plans
-2+ years of experience with commercial mobile device security architecture evaluations, guidance development, and troubleshooting
-Experience with the RMF

-Knowledge of CSfC
-Secret clearance required

-HS diploma or GED

Additional Qualifications:

-Experience with DoD information assurance policies, directives, and STIGs, as applicable to mobile devices

-Experience with using DoD and eMASS systems preferred
-Experience in assessing the organizational risks associated with mobile device implementations and recommending mitigation strategies

-Experience with analyzing CSfC components
-Knowledge of NIST 800 series publications, including 800-30, 800-37, 800-53, and 800-53
-Knowledge of DoD FSO review procedures

-BA or BS degree
-DoD 8570 IAT Level II Certification, including Security+ or CISSP

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.


Not ready to apply? Join our talent community and sign up for job alerts.