Cyber Security Engineer

Posting Description
Company Overview
GovCIO is a team of transformers--people who are passionate about transforming government I.T. We believe in making a difference by developing digital strategies and delivering the technology-related innovation governmental operations that improve the citizen experience every day.
But we can't do it alone. We welcome and nurture an inclusive and diversified work culture. Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators. We're changing the face of I.T. - from our diverse staff to the end-products we develop. And we're excited to expand our team. Are you ready to be a transformer?
Responsibilities
The Cyber SecurityEngineer's roleinvolves overall security of the deployed systems network architecture from initial connectivity to the daily operations of the deployable kits via RMF processes. The Cyber Security Engineer will report to the ISSM. They will also participate with the installation, monitoring, maintenance, support, vulnerability management and optimization of all network hardware, software, and communication links. The Cyber Security Engineer will work with the lead Systems/Network Engineer for all network software and hardware upgrades. They must be able to work in collaboration with the other network/IA staff to resolve any information security issues in a timely manner. The Cyber Security Engineer will maintain detailed documentation of the network infrastructure and keep abreast of new and emerging technology to meet ever changing network demands. Other responsibilities include:

• Participates with the client in the strategic design process to translate security and business requirements into technical designs.
• Configures and validates secure systems and tests security products and systems to detect security weakness; performs network scanning and vulnerability analysis.
• Ensures that the appropriate security features and safeguards have been implemented on all information systems as required by DoD/IC policy and directives, and industry best practices.
• Performs defense device system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of all implemented, maintained, and deployed systems.
• Provides security certification test and evaluation of assets, vulnerability management and response, security assessments, customer support and provides guidance on security issues.
• Completes XACTA and eMASS (Enterprise Mission Assurance Support Service) IA packages as required.
• Protects data, software, and hardware by coordinating, planning, and implementing network security measures.
• Confers with network users about solving existing system problems.
• Assists in system hardening, security testing and trackingPlan of Action and Milestones (POA Ms)items until corrective actions are in place.
• Performs scans, implementation of DISA STIG's, and create Body of Evidence (BOE) documentation.
• Demonstrated knowledge of the Risk Management Framework.
• Demonstrated knowledge of DoD Information Assurance Certification and Accreditation Process.
• Demonstrated experience planning, implementing, managing, monitoring, and upgrading Cyber Security measures for the protection of Enterprise IT and DoD Platform IT.
• Excellent interpersonal and organizational skills.
• Ability to work in a team environment and collaborate.
• Ability to work with the customer.
• Ability to think through problems and visualize solutions.
• Good analytical and problem-solving skills.
• Ability to work with all levels of staff within and outside of IT and outside the organization.
• Ability to quickly learn new or unfamiliar technology and products using documentation and internet resources.
• A self-starter able to work independently but comfortable working in a team environment.
• Dependable and flexible when necessary.

Mandatory Qualifications

• TS/SCI Eligibility
• High School with 6 - 9 years (or commensurate experience)
• Current DoD 8570.01-M IAM Level II (CAP, CASP CE, CISSP, GSLC, or CISM) compliance
• Excellent working experience with Risk Management Framework (RMF) implementation across multiple phases of a large program
• Excellent working knowledge of vulnerability management practices
• Excellent working experienced with generating and maintaining ICD 503 Security Body of Evidence (to include): System Security Plan (SSP), all required appendices, attachments, system test procedures (STP), security control traceability matrices (SCTM), security assessment results, and POA Ms
• Ability to perform and/or analyze STIG or CIS compliance scans
• Working knowledge of Department of Defense IA and Cyber policies, instructions, directives, and technical guidance
• Working knowledge of servers, platforms, and networking

Desired Qualifications

• Demonstrated knowledge of XACTA and/or eMASS
• Demonstrated knowledge of Tenable, ACAS, Qualys
• Experience with DoD deployed communications
• Experience with DoD NIPR, SIPR and JWICS Networks

#cjpost
COVID/Equal Opportunity Employer
COVID Policy: New employees will be required to adhere to the Company's and its clients' COVID-19 safety procedures. In the event that the COVID-19 vaccination mandate for Federal Contractors is enforced, you must become fully vaccinated or request and be approved for an exemption. Employees working onsite at a client location must comply with our client's COVID-19 requirements.
GovCIO is a team of professionals who want to make a difference. And that can only happen with a diverse, happy, and cared-for team. So, we prioritize your well-being, equity for all and look for ways to make work a better place for each of us every day.
We are an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, ethnicity, religious affiliation, gender, gender identity or expression, sexual orientation, national origin, or disability status. EOE AA M/ F/Vet/Disabled