Cybersecurity System Security Engineer II – (Management)

Cyber Security/Information Assurance El Segundo, California


Description

Cybersecurity System Security Engineer II – M (Management)

The System Security Engineer’s primary function is working within Special Access Programs (SAPs) supporting SMC and AFSPC acquisition programs. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities to meet NIST Cybersecurity requirements for system assessment & authorization.

Responsibilities include, but are not limited to:

  • Serve as the RMF Cybersecurity Specialist for the organization's Systems
  • Maintain Day-to-Day security analysis of RMF packages to ensure timely updates and notifications
  • Update RMF Security Control Families as required and properly process through eMASS.
  • Maintain thorough understating of NIST 800-53 and NIST 800-171 controls and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix.
  • Provide support and recommendations to Program Managers and Security Authorities to maintain appropriate information assurance (IA) posture(s) for programs and systems.
  • Conduct reviews to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
  • Monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
  • Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g. IA SOP, SSP, MSSP, RAR and SCTM)
  • Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration with existing SAP network infrastructures
  • Develop and provide IA risk management recommendations to the customer
  • Represent the Government Program Manager in various SSE related working groups, advisory groups, and advisory council meetings

Basic Qualifications:

Experience:

  • 6-8 years total experience, including minimum 4 years’ experience within SCI or SAR environment.  Minimum 2 years of SAP relevant experience highly desired.

Education:

  • Bachelor’s degree in a related discipline or equivalent additional experience (4 years)

Certifications:

  • Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 1 and Information Assurance Manager Level 2 within 6 months of the date of hire

Security Clearance Requirements:

  • Current Top Secret Clearance with SCI Eligibility
  • Eligibility for access to Special Access Program Information
  • Willingness to submit to a Counterintelligence polygraph

Other Requirements:

  • Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents
  • Full understanding of Risk Management Framework (RMF) and Joint SAP Implementation Guide (JSIG) processes for system accreditation, along with legacy (DITSCAP, DIACAP) processes
  • Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners
  • Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)
  • Possess a high degree of originality, creativity, initiative requiring minimal supervision
  • Willingness to travel within the organizational Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation)

Physical Requirements:

  • Must be able to lift up to 50 pounds