Location: Fort Meade, MD
US Citizenship Required for this Position: Yes
Relocation Assistance: No relocation assistance available
Clearance Type: Secret
The Cybersecurity Engineer – Mid provides cybersecurity expertise to support the Defense Information System Agency (DISA) technology infrastructure. Implements scans with ACAS and assesses system risks and facilitate remediation of security vulnerabilities. Reports on findings and provides recommendations for corrective actions. Interfaces with governance teams in organization. Performs vulnerability assessments as assigned, utilizing IT security tools and methodologies and is responsible for the upkeep of the security posture of the environment.
Education and Experience
- Bachelor’s Degree
- 4+ years of experience
- CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP certifications needed or equivalent specialty experience
- Security+CE (or appropriate DoDM 8570 Baseline Certification)
- ServiceNow experience a plus
- IAT Level II certification is required before start
- Execute Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS) scans to determine infrastructure vulnerability state and develop highly customizable reports for briefings to DISA’s leaders
- Configure, update, and manage Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS)
- Analyze ACAS findings for determination of false positives, impact to customer system, identification of risk level adjustment, and provision of recommendations and tracking to closure.
- Implements and enforces all DoDNet cybersecurity policies and procedures located in the Enterprise Mission Assurance Support Service (eMASS) and in Defense Enterprise Portal Service (DEPS), as defined by cybersecurity related documentation.
- Collaborate with internal and external SMEs and senior-level Government customers to determine the best courses of action in preparation for IT audits, risk assessments, and regulatory requirements.
- Conduct cybersecurity research and analysis to support DISA’s Configuration Control Board.
- Coordinate with government counterparts to support expert provisioning Remedy ITSM ticket management and customer support.
- Coordinate with Tier III engineers to troubleshoot HBSS issues to identify the problem root causes and provide solutions.
- Reporting security status to key stakeholders
- Have flexible working hours to be available to support team when needed
- Perform all other duties as assigned
- Strong writing skill set is a must
Knowledge and Skills
- ACAS reviews and reports
- NIST control documentation and ATO Packages
- RMF documentation
- IAVA reporting
- ACAS scans Excellent verbal and written communication skills
- Ability to organize and facilitate planning and demonstrations
- Ability to track, manage, and ensure project tasks are completed in a timely manner
- Accreditation Status
- STIG Compliance
- Recommended Disconnection Notices
- Enterprise Servers Vulnerabilities
- Infrastructure Devices vulnerabilities
- Assessment and Authorization (A&A) Visits
- Information Assurance Vulnerability Management (IAVM) Release Notifications
- Audit Findings
- Directives and Orders
- DoD Cybersecurity Scorecard
- RMF Transition Status