Chenega Corporation Information Systems Security Engineer – Senior in Aberdeen Proving Ground, Maryland
Information Systems Security Engineer – Senior
Aberdeen Proving Ground, MD Join our Talent Network
Company Job Title: Information Systems Security Engineer – Senior
Location: Aberdeen Proving Ground, MD
TheInformation Systems Security Engineer – Senior will provide the support task requirements for Cybersecurity System Engineering Support, Cybersecurity Network Domain Certification and Accreditation Support, and Cross Domain Solution (CDS) Assessment and Authorization (A&A) Support. TheInformation Systems Security Engineer – Senior will perform the tasks in coordination with government personnel to provide the cybersecurity support services and solutions necessary to analyze, assess, integrate, enhance, improve, modernize, implement, test, sustain, and maintain the DCGS-A cybersecurity posture and capabilities.
Duties and Responsibilities:
Implement NCDSMO (National Cross Domain Strategy & Management Office), TSABI (Top Secret SCI and Below Interoperability,) and SABI (Secret and Below Interoperability) information assurance/cybersecurity requirements to meet Raise-the-Bar.
Provide the Security Architect support and A&A support services for the current and future Distributed Common Ground System-Army (DCGS-A) CDS subsystems (CDSS’s), that is the Top Secret and Below Interoperability (TSABI) CDSS and Secret and Below Interoperability (SABI) CDSS.
Collaborate with the DCGS-A engineering team for design and implementation to ensure that these CDS subsystems comply with The Federal Information Security Management Act (FISMA) provisions, DoD, and Army Policies and Regulations for operational readiness and address DCGS-A requirements.
Prepare all documentation that is required by the individual network Authorization Official (AO) for Authority to Operate (ATO) to their networks for the respective DCGS-A CDSS.
Perform information assurance and cybersecurity monitoring and review reports to ensure compliance, including the development and maintenance of POA&M documents in accordance with the Risk Management Framework (RMF) A&A continuous monitoring process.
Conduct the security test and evaluation (ST&E) activities required and document results in the appropriate reports.
Design enterprise and systems security throughout the development lifecycle.
Translate technology and environmental conditions (e.g., law and regulation) into security designs and processes.
Perform as a SME across all aspects of CDS design, including Data Owner Guides, rule sets, dataflows, and filter development.
Provide Subject Matter Expertise for cross-domain policy analysis, design, and implementation support to configure and validate CDS access and transfer capabilities integrated within the PM Family of Systems (FoS).
Develop, configure, and deploy the testing of CDSS Configurations, including Rule.
Engineer and deploy capabilities to provide new functionality, improve system performance and availability, and generate efficiencies in the maintenance of the operational environment.
Perform system design and architecture work to modernize our CDS solutions as new requirements come in.
Work with the Assessment and Authorization (A&A) team to maintain RMF BOE to support the Authority to Operate (ATO) as required by ICD 503, NIST 800-53, CNSSI 1254, and any additional documentation as determined by the Authorizing Official (AO) and meets all FISMA obligations.
Support Assessment and Authorization activities related to CDS technologies, like Site-Based Security Assessments (SBSA).
Provide Tier 3/4 support for deployed CDS technologies.
Other duties as assigned.
Minimum Qualifications: (To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.)
MA/MS degree in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Cyber Security, Information Technology, Information Security, and Information Systems) and 7+ years of working experience directly related to DoD Cybersecurity Certification and Accreditation or cybersecurity engineering activities OR
BA/BS degree in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Cyber Security, Information Technology, Information Security, and Information Systems) and 10+ years of working experience directly related to DoD Cybersecurity Certification and Accreditation or cybersecurity engineering activities
Demonstrate experience, and familiarity with DoD and Army Cybersecurity Policies and Regulations, and Certification and Accreditation (C&A) processes, including the provisions of ICD 503, and the planning and execution of Security Test and Evaluation (STE) and Cybersecurity Test and Evaluation (CTE) events
DoD 8570 IASAE II certified
Linux+ within 30 days of hire
Must be willing to travel as needed, up to 25%
Possess and maintain a valid state operator's license
TS/SCI clearance required
The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief
Knowledge, Skills and Abilities:
Expertise across all aspects of CDS design, including Data Owner Guides, rule sets, dataflows, and filter development.
Experience designing secure web service-based technologies, like XML, XSLTs, Schema Validation, SOAP, REST, and related messaging protocols.
Experience in collaborating with multiple technical teams to drive solutions that are requirement driven, including technical subject matter experts, hardware and software designers, operations personnel, and test engineers, and communicate potential security risks and mitigations.
Ability to clearly present technical approaches and findings.
Ability to write and implement engineering plans within a project.
Demonstrated experience working hands-on with Linux-based environments, troubleshooting on-site technical issues, and using and configuring the CDS solutions to deliver critical customer driver requirements.
Knowledge of GOTS and COTS CDS technologies on the NCDSMO-approved products list.
Experience with the design and updating and manage a Cross Domain Solution (CDS) to support multiple Commercial Solutions for Classified (CSfC) connections and classification to support mission efforts and goals.
A broad knowledge and understanding of DoD and Army Cybersecurity policies, tools, and techniques.
Understanding of the Risk Management Framework (RMF) process.
A deep understanding of Enterprise Mission Assurance Support Service (eMASS) and/or XACTA.
Ability to validate risk assessments and develop Plans of Actions and Milestones (POA&M) to assist the PM and ISOs in the mitigation of cybersecurity weaknesses, providing solutions and mitigation actions for each assessed item.
Ability to review and monitor the DCGS-A IS and networks A&A status, including success or failure to obtain Authority to Operate (ATO) or Interim Authority to Test (IATT), as appropriate.
Ability to work independently without direct supervision or guidance.
Ability to occasionally work after hours and/or as on-call support.
Ability to meet minimum security clearance requirements.
Chenega Corporation and family of companies is an EOE.
Equal Opportunity Employer/Veterans/Disabled
Native preference under PL 93-638.
We participate in the E-Verify Employment Verification Program.
Join our Talent Network