• Senior IA/Cyber Engineer

    Job ID 2019-3197
    Job Locations
    US-VA-Fort Belvoir
    Category
    IT: Information Assurance / Quality / Cyber Security
    Type
    Regular Full-Time
  • Overview

    NCI is a leading provider of enterprise solutions and services to U.S. defense, intelligence, health and civilian government agencies. Coupled with a refined focus on strategic partnerships, we are successfully bridging the gap between commercial best practices and mission-critical government processes. Core competencies include:

    • Artificial intelligence
    • Agile digital transformation
    • Advanced analytics
    • Hyperconverged infrastructure solutions
    • Cyber security and information assurance
    • Fraud, waste and abuse
    • Engineering and logistics

    MF18

    NCI has been designated a 2018 Military Friendly Employer by MilitaryFriendly.com 

     

    Headquartered in Reston, Virginia, NCI has approximately 2,000 employees operating at more than 100 locations worldwide.

    Responsibilities

    NCI: As a Senior Information Assurance / Cyber Security Engineer, you will serve as Program Executive Office Soldier (PEO Soldier), Senior Information Assurance / Cyber Security Technical subject matter expert (SME) in the field of Information Assurance and Cyber Security for Program Executive Office (PEO) Soldier, Fort Belvoir, VA. The incumbent will support the PEO Soldier’s Chief Information Security Officer (CISO) and or Cyber Security Manager. Work closely with staff acquisition specialists and engineers who buy and or develop IT products and services for fielding to Soldiers and coalition forces.  All IT products and or services, are subject to vulnerabilities and man-made or natural threats.  You will be responsible for mitigating vulnerabilities and threats, and ensuring the operational resilience of those IT Systems and Devices that enhances the lethality and mission success for our Soldiers.

     

    Highlights of Responsiblities:

    • Support the PEO’s mission to provide SME guidance concerning all aspects of IT governance and cybersecurity, e.g. design and risk evaluation, throughout the entire IT Lifecycle from pre-conception to decommissioning and provide essential information to decision makers.
    • Is fully engaged in the PEO’s governance of the Department of Defense (DOD) Operation of the IT Life Cycle and Risk Management Framework (RMF) providing outreach, guidance and support to Project and Product Management Offices, as they build, buy or lease IT products or services.
    • Coordinates the technical aspects of cyber security into the entire life-cycle from idea, to conception, test, interoperability, training, fielding, authorization, maintenance and decommissioning. 
    • Developed and incorporate the NIST Cybersecurity Framework, DoD Cybersecurity Strategy, and current civilian Blue Team best practices to prepare, detect, monitor, protect, analyze and defend against evolving cyber threats and attacks.
    • Assist the CISO on all matters relating to the building, buying or leasing of Information Technology (IT) Systems, National Security Systems (NSS) and devices.
    • Supports the PEO Soldier CISO to maintain DOD Inspector General (IG) Command Cyber Readiness Inspection (CCRI), Clinger-Cohen Act, Privacy, and Federal Information Security Modernization Act (FISMA) and any other compliance reporting.
    • Develop engineering input for program management documents to include acquisition plans and strategies, source selection evaluation plans, supportability strategies, system engineering plans, statements of work, and specifications, and ensure appropriate contract clauses are called out in PM-SSL contracts.
    • Coordinate with product managers, users, ATEC, and other Government agencies as needed to translate operational and mission needs into practical system concepts and specifications; Assure compliance with contractual scope, schedules, specifications, and other requirements, and when appropriate, recommend program and contract changes.
    • Develop or evaluate sampling plans based on MIL-STD-1916, ANSI Z1.4, or other industry standards.
    • Review and ensure adequacy of all test plans, procedures, and reports for assigned programs, for both Government and contractor tests; Ensure effective root cause corrective action for all failures as well as adequacy of validation and implementation plans.
    • Evaluate engineering change proposals and waivers/deviations and conduct physical and functional configuration audits; Prepare contract letters for Quality Lead and COR signature for review of system related data; Conduct audits of contractor system assembly and test procedures, to ensure contractor adherence to the specification, and to all contract requirements; Work with contractors to improve their processes and implementation of process controls.
    • Conduct continuing review and evaluation of system performance through review of reports, correspondence, data bases, field data, product and process audits, and observation of internal operations. Provide Product Assurance Suitability Statement for material release.
    • Perform top level design, development, fabrication, testing, installation and troubleshooting.

    Qualifications

    Requirements:

     

    • Candidates must possess or agree by applying for this position to complete DoD’s Risk Management Framework (RMF) and Enterprise Mission Assurance Support Service (eMASS) formal classroom training and earned a certificate of completion within six (6) months of employment or lose this position and possibly employment by NCI.
    • Active DoD Secret clearance required.
    • Expert knowledge of but not limited to: application of engineering and integration of computer hardware and software, tactical networking, and satellite communications to determine the cyber security survivability posture of assigned PEO Soldier system software design and implementation in the framework of Risk Management throughout the materiel’s life cycle.
    • Disciplines to work as a Cyber Security Developer, with knowledge of Cybersecurity Integration concepts, principles, methods, and practices on a variety of acquisition issues to serve as cybersecurity technical expert to the CISO and CIO.
    • Knowledge of analytical methods and practices to conduct analyses of problems and/or issues affecting assigned area of responsibility and recommend approaches and procedures in resolution of cybersecurity and integration problems.
    • Knowledge of Risk Management Framework (RMF) for tactical acquisition systems to ensure that acquisition Authorization to Operate (ATO) packages are prepared and maintained in accordance with the RMF.
    • Knowledge of NIST Special Publication 800-53 to ensure systems adhere to validation procedures and implementation guidelines.
    • Knowledge of cybersecurity for Programs of Records and Acquisition Systems to work with program managers to determine when new or updated authorizations are required.
    • Skill in oral and written communication to develop and maintain the organizational tactical security architecture plan; prepare and present reports and recommendations; and prepare and update manuals, instructions, and operating procedures.
    • Skill in applying: network standards, protocols, and procedures; capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware within the Army tactical network to address security plans for future systems (e.g. Cyber Range, data links, wireless internet, Cloud, Internet of Things (IoT), etc.).
    • Ability to conduct systems analysis and design methodologies to coordinate tactical cybersecurity architecture and integration for testing events.
    • Ability to evaluate computer systems design, prototypes, and computer applications from an operational test and evaluation perspective for cybersecurity to perform tactical cyber security test and evaluation planning.

     

     Education and Experience:

     

        High School/GED AND ≥ 20 years

        Associates Degree AND ≥ 16 years

        Bachelor in non-Directly related field AND ≥ 15 years

        Bachelor in Directly related field AND ≥ 10 years

        Masters in non-Directly related field AND ≥ 10 years

        Masters in Directly related field AND ≥ 7 years

        Doctorate AND ≥ 5 years

     

    Certification required must include one or more of the following:  (*Certification(s) may be waived for candidates with combined advanced education in Computer Science Information Systems and relevant military experience in CyberSecurity.)

     

    ISC2 Certified Information Systems Security Professional (CISSP)

        ISACA Certified Information Security Auditor (CISA)

        GIAC Certified Enterprise Defender (GCED)

        GIAC Certified Incident Handler (GCIH)

        GIAC Global Industrial Cyber Security Professional (GICSP)​

        EC-Council Certified Ethical Hacker (CEHv9)

        CompTIA Advanced Security Practitioner (CASP) Continuing Education (CE)

        Cisco Certified Network Professional Security (CCNP-Security)​

     

     

    Preferred Education and Experience:

     

        Strongly prefer and seek an incumbent with three plus (3+) years of experience with Cloud computing or Internet of Things (IoT) technologies

        Be a subject matter expert or specialty in at least three (3) of the following domains one of which should include Wireless, IoT, or Cloud Security: Authentication and Directory Services, Identity Management, Network Security, Endpoint Security, Cloud Security, Internet of Things Security, Wireless Security, Intrusion Detection and Response, Mobile Security, Vulnerability Management, Data Loss Prevention, Software Security or Application Security.

        Demonstrated skill in oral and written communication explaining complicated technical requirements or controversial issues in a succinct briefing and offering a recommended course of action (COA) to senior management officials for their decision.

    ISC2 Certified Information Systems Security Professional (CISSP)

        ISACA Certified Information Security Auditor (CISA)

        GIAC Certified Enterprise Defender (GCED)

        GIAC Certified Incident Handler (GCIH)

        GIAC Global Industrial Cyber Security Professional (GICSP)​

        EC-Council Certified Ethical Hacker (CEHv9)

        CompTIA Advanced Security Practitioner (CASP) Continuing Education (CE)

        Cisco Certified Network Professional Security (CCNP-Security)​

        Certified Cloud Security Professional (CCSP)

        Amazon Web Services (AWS) Cloud Certification

        Certified Wireless Network Administrator (CWNA)

        Certified Wireless Security Professional (CWSP)

        Certified Wireless Analysis Professional (CWAP)

        Certified Wireless Design Professional (CWDP)

        CompTIA Network+

        Cisco Certified Network Associate (CCNA) Cloud, Security or Wireless

        Cisco Certified Network Professional (CCNP) Security or Wireless

        Linux Professional Institute (LPI) Certification

     

      

     

    This position requires the ability to perform the below essential functions:

     

        Sitting for long periods

        Standing for long periods

        Ambulate throughout an office

        Ambulate between several buildings

        Stoop, kneel, crouch, or crawl as required

        Repeatedly lift and carry weight up to 25 pounds

        Travel by land or air transportation 10 %

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.