KBR
Overview
JOB DESCRIPTION Title: Cyber Security RMF Support Belong. Connect. Grow. with KBR! KBR’s Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and security communities. In this position, your work will have a profound impact on the country’s most critical role – protecting our security. KBR (formerly LinQuest) is the prime contractor on the MSEIT contract. By applying to this position, you are in consideration for KBR employment. However, you also have the option to be hired by one of our subcontractor teammates. You will join a systems engineering team defining the next of space communication systems supporting US Space Force (USSF) satellite communications. You will support Systems Engineering & Integration (SE&I) activities in a multidisciplinary and collaborative environment. You will interface and collaborate with SE&I team members, contractors, government civilians and members of the USSF. You will lead and support several working groups responsible for leading technical discussion, resolve and identify risk, requirement gaps, developing briefings, writing, and tracking action items, and authoring meeting minutes. The MILSATCOM Systems Engineering, Integration, and Test (MSEIT) effort provides leading edge Systems Engineering & Integration (SE&I) for the US Space Force’s Space Systems Center (SSC). We support the Space Force’s acquisition of state of the art satellite communications systems, providing global secure, survivable, and protected communications for our nation’s warfighters. We seek technical individuals who will thrive in a highly collaborative work environment of small teams, using the most modern tools and methodologies to tackle the challenges of integrating complex space and ground communications systems. Why Join Us?
Innovative Projects:
KBR’s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions. Collaborative Environment:
Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace. Impactful Work:
Your contributions will be pivotal in designing and optimizing defense systems that ensure security and shape the future of space defense. Key Responsibilities
Support the SSC with ensuring security, quality, timeliness, mission partner support, completeness, and regulatory compliance of ATO RMF documentation Experience creating, editing and reviewing RMF, policy documents to implement administrative controls for each of the Rev 5 control families. Experience developing and reviewing and performing self-assessments of control narratives and System Control Traceability Matrix (SCTM) Experiencing reviewing and editing ATO artifacts such as Ports, Protocol and Services, matrix and Hardware/Software lists. Proposing, coordinating, implementing, and enforcing all Department of the Air Force information system security policies, standards, and methodologies Familiarity with vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks Knowledge of evaluating operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems Ensures software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides /security requirement guides) Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the system-level Information System Security Manager (ISSM), Security Control Assessor (SCA), and/or the Wing Cybersecurity office During system development, recommends protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered. During system development, reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling Recommends exceptions, deviations, or waivers to cybersecurity requirements. Preparing certification letters and Memoranda of Agreement (MoA), Authorization to Connect (ATC) packages, Interconnection Security Agreement (SIA), and Security Impact Assessments with system owners for interface and networking implementations Support the following responsibilities: security control assessor (SCA) and Security Technical Implementation Guide (STIG) curated to DOD/DAF/USSF baselines, audit standards, and plan of actions and milestones (POAM) Attend cleared expert threat briefings; have oversight of security program design, incident response plans, cyber risk assessments, and attack surface assessments; investigate security breaches, perform red, blue, purple, ethical hacking, orchestrate vulnerability assessment, develop security protocols, conduct tabletop exercises, and breach readiness reviews Completes and maintains required cybersecurity certification in accordance with (IAW) AFMAN 17-1303. Work Environment
Location:
Onsite Travel Requirements:
Minimal Working Hours:
Standard Qualifications
Required: An active Secret clearance is required for this position BA or BS degree in engineering, physics, chemistry, mathematics, computer science, network, and telecommunications; information systems, information technology, or computer information systems Minimum 2 years of continuous Information Systems, Information Assurance/Cybersecurity (IA/CS) experience Understanding and working knowledge of Risk Management Framework (RMF) Rev 5 and DODI 8510.01 2 continuous years of experience with security controls and implementation delineated in Committee of Security Systems Instruction (CNSSI) 1253, Institute of Standards and Technology (NIST), Special Publication (SP) 800-53, and the Joint Security Program Implementation Guide (JSIG). 2 continuous years of experience with performing vulnerability assessments using ACAS, DISA STIG, SCAP, incorporating automated Benchmarks 2 continuous years of experience using SolarWinds and Splunk or other network analysis tools Extensive experience working with Linux/Unix Command Line Interface and using regular expression queries Ability to read and extract Cisco configuration files 2 continuous years of experience implementing operating systems and network devices security configuration in accordance with DISA approved STIGs 2 continuous years of experience performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems Experience identifying Common Criteria and NIAP certified technologies and the DISA Approved Products List (APL) Experience working in a military organization in a cybersecurity role with military tactical or enterprise systems Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DoDM 8140.03 (e.g., CompTIA CASP+, CISSP) Desired: Master’s degree in Computer Science/Engineering with emphasis in Cyber Security 5+ years of work experience in Cyber Security 5+ years of work experience in System Engineering Architecture/Design Linux and Cisco certifications DoD Space program experience Security Test and Evaluation (ST&E) TS/SCI Clearance Basic Compensation:
$135,000-$168,000 in California The offered rate will be based on the selected candidate’s knowledge, skills, abilities and/or experience and in consideration of internal parity. Ready to Make a Difference?
If you’re excited about making a significant impact in the field of space defense and working on projects that matter, we encourage you to apply and join our team. KBR Benefits
KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, paid time off, or flexible work schedule. We support career advancement through professional training and development. Belong, Connect and Grow at KBR. At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of teams and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together. KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
#J-18808-Ljbffr
JOB DESCRIPTION Title: Cyber Security RMF Support Belong. Connect. Grow. with KBR! KBR’s Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and security communities. In this position, your work will have a profound impact on the country’s most critical role – protecting our security. KBR (formerly LinQuest) is the prime contractor on the MSEIT contract. By applying to this position, you are in consideration for KBR employment. However, you also have the option to be hired by one of our subcontractor teammates. You will join a systems engineering team defining the next of space communication systems supporting US Space Force (USSF) satellite communications. You will support Systems Engineering & Integration (SE&I) activities in a multidisciplinary and collaborative environment. You will interface and collaborate with SE&I team members, contractors, government civilians and members of the USSF. You will lead and support several working groups responsible for leading technical discussion, resolve and identify risk, requirement gaps, developing briefings, writing, and tracking action items, and authoring meeting minutes. The MILSATCOM Systems Engineering, Integration, and Test (MSEIT) effort provides leading edge Systems Engineering & Integration (SE&I) for the US Space Force’s Space Systems Center (SSC). We support the Space Force’s acquisition of state of the art satellite communications systems, providing global secure, survivable, and protected communications for our nation’s warfighters. We seek technical individuals who will thrive in a highly collaborative work environment of small teams, using the most modern tools and methodologies to tackle the challenges of integrating complex space and ground communications systems. Why Join Us?
Innovative Projects:
KBR’s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions. Collaborative Environment:
Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace. Impactful Work:
Your contributions will be pivotal in designing and optimizing defense systems that ensure security and shape the future of space defense. Key Responsibilities
Support the SSC with ensuring security, quality, timeliness, mission partner support, completeness, and regulatory compliance of ATO RMF documentation Experience creating, editing and reviewing RMF, policy documents to implement administrative controls for each of the Rev 5 control families. Experience developing and reviewing and performing self-assessments of control narratives and System Control Traceability Matrix (SCTM) Experiencing reviewing and editing ATO artifacts such as Ports, Protocol and Services, matrix and Hardware/Software lists. Proposing, coordinating, implementing, and enforcing all Department of the Air Force information system security policies, standards, and methodologies Familiarity with vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks Knowledge of evaluating operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems Ensures software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides /security requirement guides) Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the system-level Information System Security Manager (ISSM), Security Control Assessor (SCA), and/or the Wing Cybersecurity office During system development, recommends protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered. During system development, reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling Recommends exceptions, deviations, or waivers to cybersecurity requirements. Preparing certification letters and Memoranda of Agreement (MoA), Authorization to Connect (ATC) packages, Interconnection Security Agreement (SIA), and Security Impact Assessments with system owners for interface and networking implementations Support the following responsibilities: security control assessor (SCA) and Security Technical Implementation Guide (STIG) curated to DOD/DAF/USSF baselines, audit standards, and plan of actions and milestones (POAM) Attend cleared expert threat briefings; have oversight of security program design, incident response plans, cyber risk assessments, and attack surface assessments; investigate security breaches, perform red, blue, purple, ethical hacking, orchestrate vulnerability assessment, develop security protocols, conduct tabletop exercises, and breach readiness reviews Completes and maintains required cybersecurity certification in accordance with (IAW) AFMAN 17-1303. Work Environment
Location:
Onsite Travel Requirements:
Minimal Working Hours:
Standard Qualifications
Required: An active Secret clearance is required for this position BA or BS degree in engineering, physics, chemistry, mathematics, computer science, network, and telecommunications; information systems, information technology, or computer information systems Minimum 2 years of continuous Information Systems, Information Assurance/Cybersecurity (IA/CS) experience Understanding and working knowledge of Risk Management Framework (RMF) Rev 5 and DODI 8510.01 2 continuous years of experience with security controls and implementation delineated in Committee of Security Systems Instruction (CNSSI) 1253, Institute of Standards and Technology (NIST), Special Publication (SP) 800-53, and the Joint Security Program Implementation Guide (JSIG). 2 continuous years of experience with performing vulnerability assessments using ACAS, DISA STIG, SCAP, incorporating automated Benchmarks 2 continuous years of experience using SolarWinds and Splunk or other network analysis tools Extensive experience working with Linux/Unix Command Line Interface and using regular expression queries Ability to read and extract Cisco configuration files 2 continuous years of experience implementing operating systems and network devices security configuration in accordance with DISA approved STIGs 2 continuous years of experience performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems Experience identifying Common Criteria and NIAP certified technologies and the DISA Approved Products List (APL) Experience working in a military organization in a cybersecurity role with military tactical or enterprise systems Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DoDM 8140.03 (e.g., CompTIA CASP+, CISSP) Desired: Master’s degree in Computer Science/Engineering with emphasis in Cyber Security 5+ years of work experience in Cyber Security 5+ years of work experience in System Engineering Architecture/Design Linux and Cisco certifications DoD Space program experience Security Test and Evaluation (ST&E) TS/SCI Clearance Basic Compensation:
$135,000-$168,000 in California The offered rate will be based on the selected candidate’s knowledge, skills, abilities and/or experience and in consideration of internal parity. Ready to Make a Difference?
If you’re excited about making a significant impact in the field of space defense and working on projects that matter, we encourage you to apply and join our team. KBR Benefits
KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, paid time off, or flexible work schedule. We support career advancement through professional training and development. Belong, Connect and Grow at KBR. At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of teams and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together. KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
#J-18808-Ljbffr