Qualifications:
- Four (4) years of professional IT security experience with the DoD or Navy.
- Experience with vulnerability analysis, risk analysis, and scanning for viruses and other detrimental software. Qualified experience in accreditation of systems and in audits.
- Active DoD IAT Level II certification.
- Design, implement, and maintain secure system architectures in accordance with DoD and Navy cybersecurity standards.
- Perform system security engineering activities throughout the system development lifecycle (SDLC).
- Conduct risk assessments, vulnerability analyses, and security audits to identify and mitigate potential threats.
- Develop, review, and maintain security artifacts including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
- Support system authorization and accreditation activities under the Risk Management Framework (RMF).
- Implement security controls and validate compliance with NIST SP 800-53 and DoD 8500.01 policies.
- Collaborate with network, system, and software engineers to integrate security solutions into system designs.
- Provide recommendations for security enhancements and mitigation strategies to maintain continuous monitoring compliance.
- Participate in cybersecurity incident response activities and support root cause analyses.
- Conduct security testing, including vulnerability scanning and penetration testing, to verify control effectiveness.
- Ensure all security documentation, diagrams, and configurations are maintained and updated regularly.
- Develop and enforce secure configuration baselines in alignment with DISA STIGs and other DoD standards.
- Provide subject matter expertise to leadership during technical reviews, audits, and risk management discussions.
- Train and mentor junior engineers and cybersecurity staff in best practices for secure system engineering.
- Stay current with emerging threats, vulnerabilities, and DoD cybersecurity policy updates.
