Cybersecurity Engineer

    Colorado springs, CO

    Job Description


    Cybersecurity Engineer

    Position Summary

    KBR is seeking to hire a Cybersecurity Engineer. This candidate will support the ISSO/ISSM for a DevOps/System Administrator team in performing Risk Assessment process steps to include evaluating data from many sources to develop a holistic assessment that enables the Authorizing Official (AO) to make an authorization decision. You will be responsible for supporting virtual private cloud (VPC's) instances on multiple classified DoD networks and AWS Gov Cloud. Daily responsibilities include supporting the development and review of IA packages that will be submitted to the USAF Authorizing Official (AO) to make an authorization decision. Support the ISSO/ISSM in submitting IA packages to the Enterprise Mission Assurance Support Service (eMASS) and Xacta IA Manager systems. Support examining results of vulnerability analysis, STIG, SRG, IAVM and cybersecurity control compliance in order to perform a detailed risk assessment. Assist with the development of documentation and other artifacts to develop System Security Plans (SSP), Interim Authorization To Test (IATTs), Authorization to Operate (ATO), and Authorization to Connect (ATC). Participate in assessing vulnerabilities associated with noncompliant RMF controls and evaluates their risk to the mission and the organization to arrive at a residual risk. This position is responsible for supporting the execution and documenting risk assessments, including interacting directly with the SCAs and the ISSMs and their Cybersecurity support staff, and supporting the AO signing.

    • Assist with the Risk Management Framework (RMF) authorization process by developing and maintaining artifacts to meet security requirements.
    • Audit information systems to ensure compliance with security policies and procedures while reporting any discrepancies to the ISSO/ISSM.
    • Manage user access; conduct user briefings and coordinate with System Administrator prior to activating and deactivating user accounts.
    • Ensure Configuration Management (CM) and the security relevant functions of all associated hardware, software, firmware, peripherals.
    • Respond to classified spills or other security-related incidents.
    • Assist with sanitization and release of hardware in accordance with security policies and Authorizing Official (AO) guidance.
    • Operate scanning tools such as SCAP Compliance Checker (SCC) and Tenable Nessus.
    • Perform vulnerability scans and certification testing at scheduled intervals; weekly, monthly, semiannually, or as required.
    • Monitor system vulnerabilities and test/update system patches, as needed.
    • Follow system security lockdown guidance found in NIST, NSA and DISA STIGs.
    Education/Certification Requirements
    • Possess a Bachelor's Degree from an accredited institution in Information Systems, Computer Science, Engineering, or related Information Technology degree program.
    • Candidate will be required to possess the minimum of a DoD 8570.01-M IAM Level II certification.
    • A minimum of 5+ years of applicable ISSO level experience is required.
    • Successful candidate will understand and have experience in DCID 6/3, ICD 503, NIST 800-53 Risk Management Framework (RMF) Security Control Catalog, policies and implementations.
    • Experience assessing compliance and performing risk assessments.
    • Experience with security configurations across multiple operating systems in various environments, to include Windows, Linux, etc. is required.
    • Strong technical writing skills are required for producing Risk Assessment Reports and writing assessments that will be presented to the SCA and the AO for decision
    • Capable of supporting/leading and executing Cybersecurity Risk Analysis efforts
    • Detail-oriented and mission-focused
    • Ability to work on a broad spectrum of information systems
    • Experience with the eMASS and Xacta tools and repositories required
    • DoD 8570.01-M IAM Level II Certification required
    • Top Secret security clearance with SCI eligibility is required
    • Experience in Cloud authorization strategies is desired
    Clearance Requirements
    • Active DoD Top Secret with SCI eligibility at time of hiring.
    Scheduled Weekly Hours:

    Posting ID: 556644397Posted: 2020-05-21