Cybersecurity Systems Engineer
No third-party applicants will be considered. If you are a third-party contracting company, please do not respond to this position.
Our client offers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 13, 000+ top professionals, they partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas.
Bachelor' s of Science degree in Engineering, a related specialized area or field is required (or equivalent experience) plus a minimum of 5 years of relevant experience; or Master' s degree plus a minimum of 3 years of relevant experience. All education requirements are verified.
Travel: Must be able to travel up to 20% of the time.
REPRESENTATIVE DUTIES AND TASKS:
- Lead or support the system security design effort, security requirements analysis, and security requirements flow down to the program elements.
- Review system design documentation, advise development SMEs on what the security requirements are (IA controls, STIGs and IAVAs), and test the security requirements during system development in a sprint environment.
- Support the development of security documentation, including items such as security plans, contingency plans, and security tests plans and procedures in compliance with the IA policy
- Perform Cybersecurity (CS) system assessments, develop related test plan requirements, analyze results, gather evidence and generate the Assessment and Authorization (A&A) documentation under the Risk Management Framework (RMF).
- Assess management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls and gather compliance evidence (i.E., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).
- Develop verification methods for security requirements and controls, execute tests and scans with security assessment tools, analyze test results, and prepare test reports (e.G., DISA SCAP SCC and ACAS NESSUS scans).
- Review IAVA and STIG assessment results, recommend corrective actions to address vulnerabilities, and manage the plan of action and milestones (POAM) finding closure actions with the stakeholders.
- Develop assessment efficiencies through automation tools, processes, and script.
- Support the assessment and mitigation of system security threats and risks throughout the program life cycle
- Contribute to the completion of major programs and projects with the execution of the system security activities.
- Plan and execute project tasks for activities described above
KNOWLEDGE SKILLS AND ABILITIES:
- Minimal certification is Security+. CISSP certification is preferred.
- Knowledge of network topologies, layered security architectures & designs, network based security, host based protection, anti-virus, and security management
- Experienced with Risk Management Framework (RMF) vulnerability assessments, artifact collection, analysis, and risk
- Supported patch management, system hardening, and verification of STIG compliance for OSs (e.G. Windows 2012, Windows 10, and Linux operating systems), COTS applications, and other IA
- products and IA enabled products.
- Hands-on experience with ACAS-NESSUS & SCAP scans and analysis, STIG CKLs, SCC benchmarks, Vulnerator
- Proven advanced cyber security technology, trends, security architectures, systems, and components.
- Experience with Cyber Security designs and provide convincing arguments on the merits of the Cyber Security ideas, concepts, systems and detailed designs.
- Excellent written and verbal skills
- Cyber Security designs, implementations, related issues, impacts, and corrective actions.
- Sound systems security engineering concepts, principles, and theories.
- Demonstrate a strong working knowledge of at least one adjacent discipline (networking, software, systems, etc.)
- Cyber security specifications such as Risk Management Framework (RMF), STIGs and other government security specifications and guidelines.
Director of Business Development - Information Technology
With a reputation for delivering creative and cost-effective programming within the workforce solutions industry, Brad is a results oriented, seasoned business development professional with Contract Professionals, Inc. He effectively leads the company’s IT Division, to deliver sophisticated IT talent to a diverse and growing client base.
Brad comes with 19 years of industry experience, working with some of the largest and most well respected international companies in the world. He possesses management oversight experience from a local to a national level; executing creative and complex workforce solutions to Fortune 15 - Fortune 5000 companies.
Brad enjoys connecting deserving job seekers to their desired professions.He’s successfully delivered 1000's of skilled candidates to hiring managers in the financial services, telecom, health care, education and aerospace/defense industries.
Brad is also an expert at client relationship development and management. He is known, industry wide for his ability and willingness to place a high value on client satisfaction. He does this by conducting regular audits of the workforce solutions he delivers to his clients. If there is a better or most cost effective way to do it, he’ll find it and deliver.
Brad is a true problem solver and long-term relationship builder, with a keen eye for talented human resources.
Brad grew up in a Phoenix suburb. When he is not working, he enjoys trying new sports & activities with his large family.