• Job ID 2019-3745
    Job Locations
    US-VA-Fort Belvoir
    IT: Information Assurance / Quality / Cyber Security
    Regular Full-Time
  • Responsibilities

    NCI: As a Senior Information Assurance / Cyber Security Engineer (Functional Engineer V), you will serve as the Senior Information Assurance / Cyber Security technical subject matter expert (SME) for Program Executive Office Soldier (PEO Soldier), Fort Belvoir, VA. The incumbent will support the PEO Soldier’s Chief Information Security Officer (CISO) and/or Cyber Security Manager and work closely with staff acquisition specialists and engineers who buy and/or develop IT products and services for fielding to Soldiers and coalition forces. All IT products and/or services are subject to vulnerabilities and man-made or natural threats. You will be responsible for mitigating vulnerabilities and threats, and ensuring the operational resilience of those IT Systems and Devices that enhance the lethality and mission success of our Soldiers. In assuming this position, you will be a critical contributor to meeting NCI's mission: To deliver innovative, cost-effective solutions and services that enable our customers to rapidly adapt to dynamic environments.



    Highlights of Responsibilities:


    •     Support the PEO’s mission to provide SME guidance concerning all aspects of IT governance and cybersecurity, e.g. design and risk evaluation, throughout the entire IT Lifecycle from pre-conception to decommissioning and provide essential information to decision makers.
    •     Is fully engaged in the PEO’s governance of the Department of Defense (DOD) Operation of the IT Life Cycle and Risk Management Framework (RMF) providing outreach, guidance and support to Project and Product Management Offices, as they build, buy or lease IT products or services.
    •     Coordinates the technical aspects of cyber security into the entire life-cycle from idea, to conception, test, interoperability, training, fielding, authorization, maintenance and decommissioning.
    •     Develop and incorporate the NIST Cybersecurity Framework, DoD Cybersecurity Strategy, and current civilian Blue Team best practices to prepare, detect, monitor, protect, analyze and defend against evolving cyber threats and attacks.
    •     Assist the CISO on all matters relating to the building, buying or leasing of Information Technology (IT) Systems, National Security Systems (NSS) and devices.
    •     Supports the PEO Soldier CISO to maintain DOD Inspector General (IG) Command Cyber Readiness Inspection (CCRI), Clinger-Cohen Act, Privacy, and Federal Information Security Modernization Act (FISMA) and any other compliance reporting.
    •     Develop engineering input for program management documents to include acquisition plans and strategies, source selection evaluation plans, supportability strategies, system engineering plans, statements of work, and specifications, and ensure appropriate contract clauses are called out in contracts.
    •     Coordinate with Project Managers, users, ATEC, and other Government agencies as needed to translate operational and mission needs into practical system concepts and specifications; Assure compliance with contractual scope, schedules, specifications, and other requirements, and when appropriate, recommend program and contract changes.
    •     Develop or evaluate sampling plans based on MIL-STD-1916, ANSI Z1.4, or other industry standards.
    •     Review and ensure adequacy of all test plans, procedures, and reports for assigned programs, for both Government and contractor tests; Ensure effective root cause corrective action for all failures as well as adequacy of validation and implementation plans.
    •     Evaluate engineering change proposals and waivers/deviations and conduct physical and functional configuration audits; Conduct audits of contractor system assembly and test procedures, to ensure contractor adherence to the specification, and to all contract requirements; Work with contractors to improve their processes and implementation of process controls.
    •     Conduct continuing review and evaluation of system performance through review of reports, correspondence, databases, field data, product and process audits, and observation of internal operations. Provide Product Assurance Suitability Statement for material release.
    •     Perform top level design, development, fabrication, testing, installation and troubleshooting.



    • Candidates must have a certificate of completion for DoD’s Risk Management Framework (RMF) and provide evidence of at least one year’s experience with both RMF and eMASS.
    • Active DoD Secret clearance required.
    • Expert knowledge of but not limited to: application of engineering and integration of computer hardware and software, tactical networking, and satellite communications to determine the cyber security survivability posture of assigned PEO Soldier system software design and implementation in the framework of Risk Management throughout the materiel’s life cycle.
    • Disciplines to work as a Cyber Security Developer, with knowledge of Cybersecurity Integration concepts, principles, methods, and practices on a variety of acquisition issues to serve as cybersecurity technical expert to the CISO and CIO.
    • Knowledge of analytical methods and practices to conduct analyses of problems and/or issues affecting assigned area of responsibility and recommend approaches and procedures in resolution of cybersecurity and integration problems.
    • Knowledge of Risk Management Framework (RMF) for tactical acquisition systems to ensure that acquisition Authorization to Operate (ATO) packages are prepared and maintained in accordance with the RMF.
    • Knowledge of NIST Special Publication 800-53 to ensure systems adhere to validation procedures and implementation guidelines.
    • Knowledge of cybersecurity for Programs of Records and Acquisition Systems to work with program managers to determine when new or updated authorizations are required.
    • Skill in oral and written communication to develop and maintain the organizational tactical security architecture plan; prepare and present reports and recommendations; and prepare and update manuals, instructions, and operating procedures.
    • Skill in applying: network standards, protocols, and procedures; capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware within the Army tactical network to address security plans for future systems (e.g. Cyber Range, data links, wireless internet, Cloud, Internet of Things (IoT), etc.).
    • Ability to conduct systems analysis and design methodologies to coordinate tactical cybersecurity architecture and integration for testing events.
    • Ability to evaluate computer systems design, prototypes, and computer applications from an operational test and evaluation perspective for cybersecurity to perform tactical cyber security test and evaluation planning.
    • Bachelors in non Directly Related Field > 25 years OR
    • Bachelors in Directly Related Field  > 20 years OR
    • Masters in non Directly Related Field  > 20 years OR
    • Masters in Directly Related Field  > 15 years OR
    • Doctorate  > 5 years

    Required certifications must include one or more of the following or DoD-approved IAT-III level certifications:

    • ISC2 Certified Information Systems Security Professional (CISSP)
    • ISACA Certified Information Security Auditor (CISA)
    • GIAC Certified Enterprise Defender (GCED)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Global Industrial Cyber Security Professional (GICSP)
    • CompTIA Advanced Security Practitioner (CASP) Continuing Education (CE)
    • Cisco Certified Network Professional Security (CCNP-Security)

    Preferred Education and Experience:

    • Subject matter expertise with at least two years’ experience in Wireless, IoT, or Cloud Security and experience or certification in at least three (3) of the following: Authentication and Directory Services, Identity Management, Network Security, Endpoint Security, Cloud Security, Internet of Things Security, Wireless Security, Intrusion Detection and Response, Mobile Security, Vulnerability Management, Data Loss Prevention, Software Security or Application Security.
    • ISC2 Certified Information Systems Security Professional (CISSP)
    • ISACA Certified Information Security Auditor (CISA)
    • GIAC Certified Enterprise Defender (GCED)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Global Industrial Cyber Security Professional (GICSP)
    • EC-Council Certified Ethical Hacker (CEHv9)
    • CompTIA Advanced Security Practitioner (CASP) Continuing Education (CE)
    • Cisco Certified Network Professional Security (CCNP-Security)
    • Certified Cloud Security Professional (CCSP)
    • Amazon Web Services (AWS) Cloud Certification
    • Certified Wireless Network Administrator (CWNA)
    • Certified Wireless Security Professional (CWSP)
    • Certified Wireless Analysis Professional (CWAP)
    • Certified Wireless Design Professional (CWDP)
    • CompTIA Network+
    • Cisco Certified Network Associate (CCNA) Cloud, Security or Wireless
    • Cisco Certified Network Professional (CCNP) Security or Wireless
    • Linux Professional Institute (LPI) Certification
    • Demonstrated skill in oral and written communication explaining complicated technical requirements or controversial issues in a succinct briefing and offering a recommended course of action (COA) to senior management officials for their decision.


    Physical Requirements:


    This position requires the ability to perform the below essential functions:

    • Sitting for long periods
    • Standing for long periods
    • Ambulate throughout an office
    • Ambulate between several buildings
    • Stoop, kneel, crouch, or crawl as required
    • Repeatedly lift and carry weight up to 25 pounds
    • Travel by land or air transportation 10%

    It is the policy of NCI to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations. In addition, we affirm that all compensation, benefits, company-sponsored training, educational assistance, social, and recreational programs are administered without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, or gender identity. It is our firm intent to support equal employment opportunity and affirmative action in keeping with applicable federal, state, and local laws and regulations. NCI is a VEVRAA Federal Contractor.

