Cyber Security Project Engineer

Cyber Security Project Engineer

Herndon, VA.

The Sponsor requires support in understanding and implementing standards like ICD 503, NIST Risk Management Framework, and cloud technologies. The work requires a healthy mix of technical and policy knowledge. The work will be driven by the Sponsors needs and priorities

Demonstrated experience facilitating Technical Exchange Meeting (TEM) with cloud service providers to review cloud service architectures.

· Demonstrated experience maintaining assessment and authorization packages across multiple services or systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253 requirements.

· Demonstrated experience designing, implementing, assessing or reviewing systems that utilize cloud technology with either Amazon Web Services, Oracle Cloud, Google Cloud, IBM Cloud, or Microsoft Azure cloud architecture.

· Demonstrated experience utilizing or reviewing cross domain technology and common architecture designs.

· Demonstrated experience consulting project teams on system architecture and security posture.

· Demonstrated experience with continuous monitoring requirements to include scan analysis for critical or high findings with common scan tools such as Rapid 7, Nessus or Qualys.

· Demonstrated experience creating, monitoring, or closing system or service Plans Actions and Milestone items (POA&Ms).

· Demonstrated experience utilizing compliance tools to track assessment and authorization activities such as Xacta 360, Service Now, or RSA Archer.

· Demonstrated experience with the common control provider concept within the NIST Risk Management Framework.

· Demonstrated experience with security control assessments (SCAs) to include working with SCAs and preparing security packages for SCAs.

HIGHLY DESIRED SKILLS AND DEMONSTRATED EXPERIENCE

Skills and demonstrated experiences that are highly desired but not required to perform the work include:

· Demonstrated experience using the Sponsors or similar element assessment and authorizing process.

· Demonstrated experience creating or reviewing A&A body of evidence documentation in a cloud security environment.

· Demonstrated experience identifying, implementing, or reviewing appropriate information security controls.

· Demonstrated experience working in Xacta 360.

Vacation – 5 weeks of accrued paid vacation per year (i.e., 8.33 hours accrued per pay period worked)

• Holidays - Paid holidays published annually by the Office of Personnel Management, excluding Inauguration Day

• 100% paid for Health Benefits* (United Healthcare, Guardian Dental, VSP Vision, MetLife, Life and Disability Insurance and annual $1500 employer HSA contribution on qualified plans) *health benefits kick in the 1st of the month following your start date

• 6% 401k Contribution (3% paid out during each pay period, the additional 3% will be paid out as a lump sum in Q1 each year)

• Training Reimbursement – Approved training and education expenses will be reimbursed

• Travel Expenses – Approved travel expenses will be reimbursed *Note – From time to time, the company may change employee benefits.