Cybersecurity Engineer, Senior in Fort Belvoir, VA at Booz Allen Hamilton Inc.

Date Posted: 11/17/2018

Job Description

Job Number: R0037944

Cybersecurity Engineer, Senior

Key Role:
Perform program management functions for an Army client and plan, coordinate, and manage activities to enable the execution of the RMF and ICD 503 for the client and MSCs, information systems, and applications. Coordinate with the client, DAO, a DoD agency, Army CIO, OMB, NETCOM, MSC elements, system owners, vendors, and system developers to collect and verify information assurance (IA) artifacts, policies, and procedures and prioritize and plan RMF and ICD 503-required activities for testing and documenting security control compliance and risk mitigation. Coordinate and conduct technical vulnerability scans of client systems and applications using approved DoD and Army tools and verify and validate inherited and technical IA controls and mitigation strategies versus DoD standards. Prepare, register, and submit system information and Program of Action and Milestones (POA&Ms) to federal databases to comply with DoD and Army directives and regulations and implement and document Certificate of Networthiness (CoN) processes for client systems and applications. Coordinate and provide guidance, assistance, and recommended courses of action for system owners to ensure compliance with DoD, Army, and client Cybersecurity policies and prepare and submit executive RMF and ICD 503 packages to the AO or DAO for review and signature. Track information system assessment and authorization (A&A) status and prioritize and plan for annual security control compliance activities. Collect and verify continuity of operations (COOP) and disaster recovery (DR) plans to validate compliance with mission assurance requirements and standards and provide IA training and awareness to client and MSC system and application owners.

Basic Qualifications:
- 8 years of experience with Cybersecurity, IA, and JWICS accreditation support, DoD IA RMF, DIACAP, DCID 6/3, and ICD 503
- 2+ years of experience with developing and presenting technical information and presentations to non-technical audiences and clients
- Knowledge of DoD, Army, and intelligence community IA and security laws, regulations, and policies, including mandates
- Knowledge of FISMA and reporting requirements, including eMASS and Xacta usage
- Active TS/SCI clearance required
- DoD 8570-compliant certification, including Security+ required

Additional Qualifications:
- Experience with intelligence C&A procedures, DIACAP, DCID 6/3, and ICD 503 processes and POA&M tracking and resolution
- Experience with DoD security technical implementation guides (STIGs) and checklists and DoD testing tools, including Gold Disk, Security Readiness Review Scripts (SRRs), and SCAP and the Retina Nessus ACAS scanning tool
- Experience with DoD 8500, AR 25-2, AR 380-5, AR 380-40, DCID 6/3, ICD 503, FIPS, DoD, and Army IA policies
- Possession of excellent oral and written communication skills
- BA or BS degree
- DoD 8570-Compliant Certification, including CISSP preferred

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
