Summary: ASRC Federal Analytical Services, Inc is looking for a Cyber Security Engineer who has experience supporting system builds, implementing information security best practices, performing security analysis, software assurance and documentation of unique hardware and custom software in a multi-platform/multi-network environment during a full Risk Management Framework life cycle. Supports Information Assurance Certification and Accreditation (C&A) and associated IA processes, procedures, and activities. Provides capability and expertise to understand and properly implement DOD/MDA directives, instructions, and guidelines across hardware and software platforms. Works with the MDA cybersecurity management and case managers to ensure all cybersecurity actions for the MDDC Program are handled/resolved in a timely fashion with respect to MDA Designated Accrediting Authority and Certification Authority requirements. Responsible for the design, development, and implementation of solutions that meet network and system security requirements. Maintains existing security products and researches and develops new monitoring and management tools and procedures to comply with MDA and DoD instructions and guidelines. Performs vulnerability/risk analyses of computer systems, networks, software development deliverables, and applications. Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Has experience and skills of establishing a Defense Posture for Applications, maintaining compliance with DoD Cyber and IA policies.

Responsibilities:

• System accreditations/authorizations through the NIST Risk Management Framework (RMF). Experience with the DoD Risk Management Framework (RMF) Assess and Authorize process preferred.

• Understanding and validating NIST 800-53 Security Controls.

• Understanding of the software assurance process per the MDA Software Assurance 8500.05 and Cybersecurity 8500.01.

• Use of DoD mandated software including eMASS, ACAS, and McAfee HBSS preferred.

• Demonstrated experience reviewing, implementing, and assessing DISA Security Technical Implementation Guides (STIGs), DISA Security Requirement Guides (SRGs), and NSA Security Configuration Guides preferred.

• Will perform tasks dealing with system builds, documentation review, system security hardening, and vulnerability management/reporting.

• Support the development of CDRLs, library review and management, sprint release preparation, and threat and risk assessments as a member of software development scrums.

• Candidate should have technical troubleshooting skills and working knowledge of the Risk Management Framework for Department of Defense Information Technology.

• The ability to work independently and within a larger group of engineers and cybersecurity professionals.

• Experience in the software assurance/approval process

• Candidate will research DoD policy and complete various security tasking.

Requirements :

REQUIREMENTS:

• Experience in cyber/software assurance/DevSecOps security tools.

• Secret Clearance

• US citizen

• Bachelor's degree in Engineering, Cybersecurity, Information Systems, or related field.

• Certification: CCNP Security, CISA, CISSP (or other IAT-III certifications); Security + Familiarity with DoD security compliance documents as they relate to Linux and Windows environments is desired.

ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.