Cyber Security Engineer

<p><span style="font-size: 10pt;"><strong>Job Summary</strong></span></p> <p class="p1" style="text-align: left;">A Rampant Technologies Cybersecurity Engineer (CSE) is a key resource that is a part of the Rampant team</p> <p class="p1" style="text-align: left;">reporting to the Principal Engineer overseeing the CSE team to deliver innovative Cyber Security solutions that are</p> <p class="p1" style="text-align: left;">in alignment with the company’s goals.</p> <p><span style="font-size: 10pt;"><strong>Essential Duties &amp; Responsibilities</strong></span></p> <p>SME on problem identification, diagnosis, and resolution of problems</p> <p class="p1">Develop best practices for processes and standards that will better the system</p> <p class="p1">Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as</p> <p class="p1">required to comply with security requirements.</p> <p class="p1">Track and fulfill liens associated with A&amp;A activities as documented in the Plan of Actions and Milestones.</p> <p class="p1">Perform hardening of ops systems, COTS and open-source product</p> <p class="p1">Validate best practices in Penetration testing, Configuration analysis, and Security</p> <p class="p1">Prepare comprehensive security assessment testing documentation to validate applied security controls in</p> <p class="p1">support of Assessment and Authorization (A&amp;A) testing. Generating/maintaining security accreditation artifacts</p> <p class="p1">associated with RMF process to include, but not limited to Security Requirements Traceability Matrix, Security</p> <p class="p1">Plans, Certification Test Plans, Continuous Monitoring Plans)<span class="s2">2</span></p> <p class="p1">Perform timely updates in accreditation DB</p> <p class="p1">Provide technical guidance focused on information security architecture.</p> <p><span style="font-size: 10pt;"><strong>Key Skills, Education &amp; Experience</strong></span></p> <p class="p1">Minimum of eight (3) years’ relevant experience as a Cybersecurity Engineer in programs and contracts of</p> <p class="p1">similar scope, type, and complexity is required; ideally three (3+) years of direct experience in the same</p> <p class="p1">level/grade for like role.</p> <p class="p1">Techno functional knowledge of/experience in:</p> <p class="p1">Execution of the Assessment &amp; Authorization (A&amp;A process) in accordance with government</p> <p class="p1">requirements (e.g. ICD-503)</p> <p class="p1">Information systems security and continuous monitoring practices and how to assess their</p> <p class="p1">effectiveness per NIST SP 800-53 and NIST SP 800-53A.</p> <p class="p1">DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls</p> <p class="p1">assessment criteria/procedures</p> <p class="p1">Integrity, availability, authentication, and non-repudiation concepts</p> <p class="p1">IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)</p> <p class="p1">Network access, identity, and access management (e.g., public key infrastructure [PKI])</p> <p class="p1">Security system design tools, methods, and techniques</p> <p class="p1">Relevant laws, policies, procedures, or governance as they relate to work that may impact critical</p> <p class="p1">infrastructure.</p> <p class="p1">TCP/IP networking technologies, Linux account administration, Linux folder permissions, Patch</p> <p class="p1">Management best practices on Operating Systems and applications, known vulnerabilities associated</p> <p class="p1">with Windows and Linux platforms.</p> <p class="p1">Continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging</p> <p class="p1">existing tools, efforts, and incorporating new automation techniques.</p> <p class="p1">Virtualization technologies (e.g. VMWare, Docker)</p> <p class="p1">OSI model and how specific devices and protocols interoperate, including knowledge of protocols, and</p> <p class="p1">services for common network traffic</p> <p class="p1">DoD/IC system security control requirements</p> <p class="p1">XACTA and SNOW</p> <p class="p1">Security testing and penetration tools that include Assured Compliance Assessment Solution (ACAS),</p> <p class="p1">Wireshark, Retina, Tripwire, etc…</p> <p class="p1">Hands on experience and proficiency with the full Microsoft Office Suite and tools such as Microsoft</p> <p class="p1">Project, Microsoft Visio</p> <p class="p1">Self-starter/motivator and<span class="Apple-converted-space">&nbsp;</span></p> <p><span style="font-size: 10pt;"><strong>Certifications and Clearance</strong></span></p> <p class="p1">Must have certifications (certifications with * indicate willing to hire if certification is within 3-6 months of</p> <p class="p1">finalizing):</p> <p class="p1">Active TS/SCI w/ Poly clearance required</p> <p class="p1">Current certification compliant with DoD 8570 IAM or IAT level 3OR obtain certification within 6 months of</p> <p class="p1">hire and maintain certification throughout employment.</p> <p class="p1">MUST meet DoD 8570 IAT Level III requirements</p> <p class="p1">IAT Level II Certifications (Security+ or equivalent)</p>