JOB OVERVIEW:

We are seeking a skilled Senior Level Cyber Security Engineer based in Fort Belvoir, VA. The ideal candidate will provide leadership in designing, assessing, and implementing security controls across complex systems, ensuring compliance with DoD standards and the confidentiality, integrity, and availability of Army systems.
This position is contingent upon contract award.

Key Responsibilities:

• Lead the implementation of administrative, physical, and technical security controls across the ATIS portfolio, ensuring compliance with DoD RMF requirements.
• Conduct independent security assessments and testing to identify risks, recommend mitigation strategies, and ensure continuous compliance.
• Manage the Plan of Action and Milestones (POAM) process, documenting mitigations and overseeing their resolution within defined timelines.
• Serve as a technical advisor for RMF controls implementation, collaborating with the Information System Security Manager (ISSM) to maintain eMASS records.
• Perform Independent Verification and Validation (IV&V) testing and report on findings, including compliance with RMF and continuous monitoring requirements.
• Lead risk assessments for third-party systems, evaluating vulnerabilities and proposing actionable remediation strategies to protect Army systems.
• Oversee system security scans and vulnerability assessments, ensuring compliance with Army and DoD cybersecurity policies.
• Define and maintain security standards, policies, and procedures, ensuring they are operationally effective and meet Army requirements.
• Provide guidance on incident response investigations, identifying opportunities for improvement in incident handling and mitigation efforts.
• Collaborate with stakeholders to implement and monitor security safeguards using cutting-edge technologies, such as encryption, remote access, and antivirus systems.

Required Skills:

• Deep knowledge of DoD RMF, including security assessment and testing, identity and access management, and security engineering.
• Proficiency in eMASS and the ability to manage security documentation and compliance records.
• Strong understanding of the 8 domains of information security, including: Security & Risk Management, Security Assessment and Testing, Communications and Network Security, Software Development Security.
• Travel up to 10%

Qualifications:

• Secret or higher clearance level
• U.S. Citizenship
• Bachelor’s degree in Cybersecurity, Computer Science, or a related discipline.
• 6+ Years experience.
• IASAE II DoD Approved Baseline Certification (e.g., CISSP, CASP CE, CSSLP).

Desired Qualifications:

• Master’s degree or higher in a related field desired.
• Certifications:
• SAFe Agile Practitioner certification.
• AWS Certified Cloud Practitioner (CCP) to demonstrate knowledge of securing cloud environments.
• Expertise in cloud security, including designing and implementing controls in AWS environments. Experience presenting complex technical information to senior military leadership.

VffK5WEEs

• Lead the implementation of administrative, physical, and technical security controls across the ATIS portfolio, ensuring compliance with DoD RMF requirements.
• Conduct independent security assessments and testing to identify risks, recommend mitigation strategies, and ensure continuous compliance.
• Manage the Plan of Action and Milestones (POAM) process, documenting mitigations and overseeing their resolution within defined timelines.
• Serve as a technical advisor for RMF controls implementation, collaborating with the Information System Security Manager (ISSM) to maintain eMASS records.
• Perform Independent Verification and Validation (IV&V) testing and report on findings, including compliance with RMF and continuous monitoring requirements.
• Lead risk assessments for third-party systems, evaluating vulnerabilities and proposing actionable remediation strategies to protect Army systems.
• Oversee system security scans and vulnerability assessments, ensuring compliance with Army and DoD cybersecurity policies.
• Define and maintain security standards, policies, and procedures, ensuring they are operationally effective and meet Army requirements.
• Provide guidance on incident response investigations, identifying opportunities for improvement in incident handling and mitigation efforts.
• Collaborate with stakeholders to implement and monitor security safeguards using cutting-edge technologies, such as encryption, remote access, and antivirus systems