OSC Edge
The Cyber Security Engineer will be responsible for tasks related to Assessment & Authorization (A&A) to ensure assigned DoD, DoN systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. In this role, the Cyber Security Engineer will participate in risk assessments of information systems to identify vulnerabilities, risks, and cyber protection needs. Develop RMF documentation to include system security plan artifacts which include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, contingency plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other DoD and Navy mandated artifacts that comprise the Security Authorization Package. Additionally, the individual will serve as an Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.
Responsibilities
Develops RMF accreditation artifact documentation to include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other Navy mandated artifacts that comprise the Security Authorization Package.
Performs weekly CND vulnerability scans utilizing DoD/DoN mandated practices and software utilities.
Conducts assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253 and NIST 800-53
Prepare daily, weekly, and monthly reports detailing task and responsibility status
Supports Cybersecurity Test & Evaluation (CT&E) activities of system security engineering and program protection activities.
Monitors and executes compliance vulnerability scanning and uploads to the Navy VRAM database.
Updates and validates policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations
Provides IT Security Incident Response support services and report all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports
Performs system categorization; select, tailor security controls, implement, and test security controls
Attends and leads meetings, works in collaborative a team environment to provide network stability and continuity
Performs other tasks as required by OSC and the Government contracting office.
Required Qualifications/Education and Experience
Must have and maintain a Secret personnel clearance and must be eligible for a TS/SCI
High School diploma or equivalent
Must be DoD 8570 certified at the IAT-III/ IAM-III level (CASP, CISM, CISSP, CCISO, CISA)
Minimum of seven (7) years of hands‑on experience in the IT/Engineering field
Must have at minimum (2) years’ experience with DoN, DoD RMF process; must have completed full Navy or DoD RMF accreditation package from start to ATO issuance
Must have expert level knowledge of eMASS and experience in the development of Assessment and Authorization plans
In depth understanding of computer security, Department of Navy, and DoD cyber security policies
Prior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), VRAM, and other DoN, and DoD cybersecurity tools
Strong ability to communicate clearly and succinctly in written and oral presentations
Prior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement driven
Have knowledge in network, physical, systems and application security practices
Must be familiar with intrusion detection and prevention measures and practices
Must be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, , ACAS, Nessus, and SIEMs
Familiarity with DoD, NIST, RMF and FedRAMP processes
Excellent written and verbal communication skills
Knowledge of ACAS to create and execute scan jobs, reports, and able to troubleshoot non‑compliant scans.
Knowledge of multiple architectures: Cisco, Linux, Windows, and VMWare
Preferred Qualifications/Education and Experience
Bachelor’s degree (preferably in Information Technology, Information Management, or Cyber Security)
Meet or exceed OPNAVINST 5239 requirements to be certified as Intermediate Qualified Level Navy Validator
Benefits OSC Edge delivers a total rewards package that we know will attract, engage and retain top talent. Key elements of our package include a competitive base pay and a comprehensive benefits package:
We offer eligible employees with an opportunity to enroll in a variety of benefits offerings. Here are just some of our benefits for our US based positions:
Life insurance and AD&D
Flexible Spending
Accident, Critical Illness and Hospital Indemnity coverage
401(k) and ROTH retirement options and company match
Pet Insurance
Identify Theft and Fraud Protection coverage
About OSC Edge Founded in 2008, what started as a small business has grown into a diverse and innovative global team owned by Cook Inlet Region, Inc. an Alaska Native Regional Corporation. As a US Federal contractor, we are a dedicated IT Service Provider supporting the Departments of the Army, Navy, Air Force, DoD Educational Institutions, and large corporate entities. Our expertise is in Cloud Computing, Cyber Security, Compliance Management, Enterprise Architecture, IT Support, and CSfC. If you are passionate about making a difference and thrive in a dynamic and collaborative environment, we invite you to apply to join our team.
Equal Opportunity Employer/Veterans/Disabled #J-18808-Ljbffr
Responsibilities
Develops RMF accreditation artifact documentation to include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other Navy mandated artifacts that comprise the Security Authorization Package.
Performs weekly CND vulnerability scans utilizing DoD/DoN mandated practices and software utilities.
Conducts assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253 and NIST 800-53
Prepare daily, weekly, and monthly reports detailing task and responsibility status
Supports Cybersecurity Test & Evaluation (CT&E) activities of system security engineering and program protection activities.
Monitors and executes compliance vulnerability scanning and uploads to the Navy VRAM database.
Updates and validates policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations
Provides IT Security Incident Response support services and report all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports
Performs system categorization; select, tailor security controls, implement, and test security controls
Attends and leads meetings, works in collaborative a team environment to provide network stability and continuity
Performs other tasks as required by OSC and the Government contracting office.
Required Qualifications/Education and Experience
Must have and maintain a Secret personnel clearance and must be eligible for a TS/SCI
High School diploma or equivalent
Must be DoD 8570 certified at the IAT-III/ IAM-III level (CASP, CISM, CISSP, CCISO, CISA)
Minimum of seven (7) years of hands‑on experience in the IT/Engineering field
Must have at minimum (2) years’ experience with DoN, DoD RMF process; must have completed full Navy or DoD RMF accreditation package from start to ATO issuance
Must have expert level knowledge of eMASS and experience in the development of Assessment and Authorization plans
In depth understanding of computer security, Department of Navy, and DoD cyber security policies
Prior experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), VRAM, and other DoN, and DoD cybersecurity tools
Strong ability to communicate clearly and succinctly in written and oral presentations
Prior experience with computer networking and telecommunication architecture, the OSI model, and communications protocols and in collaborating with multiple technical teams to drive solutions that are requirement driven
Have knowledge in network, physical, systems and application security practices
Must be familiar with intrusion detection and prevention measures and practices
Must be familiar with and have experience in tools and applications such as Firewalls, IDS/IPS, , ACAS, Nessus, and SIEMs
Familiarity with DoD, NIST, RMF and FedRAMP processes
Excellent written and verbal communication skills
Knowledge of ACAS to create and execute scan jobs, reports, and able to troubleshoot non‑compliant scans.
Knowledge of multiple architectures: Cisco, Linux, Windows, and VMWare
Preferred Qualifications/Education and Experience
Bachelor’s degree (preferably in Information Technology, Information Management, or Cyber Security)
Meet or exceed OPNAVINST 5239 requirements to be certified as Intermediate Qualified Level Navy Validator
Benefits OSC Edge delivers a total rewards package that we know will attract, engage and retain top talent. Key elements of our package include a competitive base pay and a comprehensive benefits package:
We offer eligible employees with an opportunity to enroll in a variety of benefits offerings. Here are just some of our benefits for our US based positions:
Life insurance and AD&D
Flexible Spending
Accident, Critical Illness and Hospital Indemnity coverage
401(k) and ROTH retirement options and company match
Pet Insurance
Identify Theft and Fraud Protection coverage
About OSC Edge Founded in 2008, what started as a small business has grown into a diverse and innovative global team owned by Cook Inlet Region, Inc. an Alaska Native Regional Corporation. As a US Federal contractor, we are a dedicated IT Service Provider supporting the Departments of the Army, Navy, Air Force, DoD Educational Institutions, and large corporate entities. Our expertise is in Cloud Computing, Cyber Security, Compliance Management, Enterprise Architecture, IT Support, and CSfC. If you are passionate about making a difference and thrive in a dynamic and collaborative environment, we invite you to apply to join our team.
Equal Opportunity Employer/Veterans/Disabled #J-18808-Ljbffr