Position Description:

The Cyber Systems Engineer – Vulnerability Management provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:

• Support the IT vulnerability management lifecycle.

• Support government activities and reporting to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC).

• Assesses and manages the implementation of identified corrections associated with technical vulnerabilities.

• Update and manage metrics reporting for several database sources. Collect the necessary data, develops, and delivers a periodic Cyber Vulnerabilities Metrics Reports.

• Develop and delivers asset vulnerability views for categories such as mission, cross domain, and location, as required by the customer.

• Develop cyber threat analysis for known threats.

• Document and deliver reporting activities related to cyber threat situational awareness and reporting, as well as cyber-related metrics and reporting.

• Document and deliver Government activities and reporting related to tasking and directions received from stakeholders (i.e., USCYBERCOM, IC-SCC).

• Coordinate and prepare Inspector General (IG) FISMA closure requests from field reps and program Information System Security Engineers (ISSEs)

• Coordinate with RMF stakeholders on closure Body of Evidence (BoE) for Enterprise Vulnerability and Remediation (EVAR) tracked findings

• Prepare and update slides for weekly and monthly meetings

• Research trending vulnerabilities being reported through enterprise security tools

• Support automation activities with system engineers from other offices

  
  

Qualifications

Required:

• Requires 8 to 10 years with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD.

• Current U.S. Government Top Secret clearance with SCI eligibility

• Favorably adjudicated Polygraph

• Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification

• DoD 8570 certification in IAT or IAM

• Strong analytic and risk management skills

• Strong attention to detail and organizational skills

• Excellent communications skills

• Self-starter requiring limited direction and supervision

• Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation

  
  

Desired:

• Experience supporting IT domain or IC Experience with acquisition and project management

• Experience briefing senior customer personnel

• Ability to organize and prioritize numerous customer requests in a fast-paced deadline driven environment

• Familiarity with customer's IA processes

• Experience with SNOW and Splunk

• Familiarity with Cross Domain Systems (CDS)

• Experience supporting IC or DoD in the Cyber Security Domain