Address
Form of workNakupuna Consulting is looking for a Cybersecurity Engineer to provide subject matter expertise in preparing Certification and Accreditation (C&A) packages. This includes DoD Information Assurance Certification and Accreditation Process (DIACAP) or Risk Management Framework (RMF) accreditation package and artifact generation, planning and executing security test and evaluation (ST&E), analyzing test results, drafting Risk Assessment Reports (RAR), C&A Plans, Plan of Actions and Milestones (POAMs), crafting mitigation statements, and Enterprise Mission Assurance Support Service (eMASS) entries. They must have experience with performing vulnerability scans on various operating systems using approved Defense Information Systems Agency (DISA) tools.
The following reflects management’s definition of essential functions for this job but does not restrict the tasks that may be assigned. Management may assign additional duties and responsibilities to this job at any time due to reasonable accommodation or other reasons.
- Maintains oversight of the cybersecurity risk assessment process within the overall Risk Management Framework Assessment and Authorization (A&A) process, assists with the assessment of the security controls, and certifies the residual risk in support of an RMF authorization.
- Ensure compliance of security configurations for IT systems and aid in providing clear and concise processes and procedures for the implementation and enforcement of system security configurations.
- Involved in preparing and passing Command Cyber Readiness Inspection (CCRI) tests done by Department of Defense.
- Plan, implement and maintain information assurance activities and controls.
- Perform penetration testing, analyzing systems for STIG compliance.
Skills/Qualifications: Excellent technical, organizational, decision-making, analytical, and planning skills. Effective communicator who takes initiative and the ability to adapt to dynamic environments.
The candidate must have the skills and knowledge to develop, maintain, and perform validation testing of the Certification and Accreditation (C&A) documents that are required as part of for the NIST 800-53 and 800-37 Information Assurance (IA) Control and Risk Assessments. Must support the risk management process by helping to determine and assign risk impact ratings in accordance with Information Assurance standards guidelines and methodologies and by aiding in the development and maintenance of Plans of Action and Milestones (POA&Ms) for IT systems identified in the Risk Management Framework (RMF) process and annual security assessments of IT systems.
Education and Experience: Bachelor’s degree in a technical major from an accredited institution as well as a minimum of (5) five years of relevant professional experience. Equivalent years of related work or military experience in lieu of degree will also be considered.
The ideal candidate should also have experience with the following:
- Endpoint Security Solutions (ESS)
- Assured Compliance Assessment Solution (ACAS)
Certification Requirements: This position requires a professional certification in compliance with DoD 8570 Information Assurance Technical (IAT) Level II which may include CompTIA Advanced Security Practitioner (CASP+), CompTIA Cybersecurity Analyst (CySA+), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
Clearance: Must currently hold an active Top Secret SCI level of security clearance. Must be a U.S. Citizen.
Physical Requirements: In addition to the skills and qualifications mentioned above, candidates must, at a minimum, be able to meet the following physical requirements.
- Ability to lift up to 25 pounds
- Ability to use stairs without assistance
- Ability to perform repetitive motions with the hands, wrists, and fingers
- Ability to engage in and follow audible communications in emergency situations
- Ability to sit for prolonged periods at a desk and working on a computer
- Ability to stand, sit, walk, lift, carry, reach, kneel, crouch, bend and climb a step stool/ladder
The Nakupuna Companies use a market-based compensation strategy to ensure that our employees are compensated within applicable market ranges commensurate with multiple factors, including but not limited to the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability, organizational requirements, and position location. The projected compensation range for this position is $80,000.00 to $140,000.00 (annualized USD). The good faith salary range displayed represents the position at time of posting and is just one component of Nakupuna Companies total compensation package for employees.
