|
Position ID: |
374109 |
Status: |
Closed |
|
Location: |
Sterling, Virginia, United States |
How Many: |
1 |
|
Duration: |
12+ Month(s) |
Pay Rate: |
DOE |
|
Employment Type: |
Contract |
Uniform required:
|
No
|
|
Work shift:
|
Shift-1
|
|
|
Position Description:
**Secret Clearance or Interim Secret Clearance Required to Start**
Sr Software Engineer - Cyber
This software engineering position is within the Simulation & Training Solutions (STS) business area. STS develops and builds simulators and training systems for both military and commercial customers. Devices range in complexity from desktop training all the way up to high fidelity weapon system and full-flight training systems including full visual, motion, and simulator interoperability (HLA/DIS).
Roles and Responsibilities:
-In close coordination with the training system’s lead architect and design engineers, design, implement and test the Risk Management Framework (RMF) infrastructure for the training system.
-To support Risk Management Framework (RMF) Configuration Management
----Monitoring networks and systems for security incidents and intrusions
----Provides weekly audits of systems related to network and system logging and monitoring
----May perform web application penetration testing and vulnerability assessments for security improvements
-To support Risk Management Framework (RMF) Assessment and Authorization
----Performs Information Assurance (IA) administration conducting certification and accreditation of systems using the RMF process
----Provides DoD Policies/Instructions, STIG, and IAVA guidance, implementation, and analysis
----Provides security services in consultant role to internal and external customers
----Demonstrate knowledge and proficiency using IA scan tools such as Nessus (ACAS) and IA tools such as HBSS to ensure secure systems
----Windows and Unix systems administration
-To support RMF System and Communications Protection
----Designs and conducts regular audits of computer systems to determine that they are operating securely and that data is protected from both internal and external attack
----Assesses assigned system to determine system security status and ensures adherence to security policy, procedures and standards
----Performs technical cybersecurity with applications. Familiarity with tools such as SNORT, SIEM, AlienVault/OSSIM, Splunk, IDS’s, Tripwire, Web application firewalls, syslog, NMAP, VMware, Redhat, Apache/Tomcat, Cisco ASAS Devices, and Wireshark
----Monitors, evaluates, and maintains complex security systems according to industry best practices to safeguard internal information systems and databases
-To support Risk Management Framework (RMF) Incident Response
----Reviews security requirements and subsequently reviews systems to determine if they have been designed and established to comply with established standards
----Conducts investigations of security violations and breaches and recommends solutions; prepares reports on intrusions as necessary and provides analysis summary to management
----Responds to queries and requests for computer security information and reports from both internal and external customers
-To support Risk Management Framework (RMF) Planning
----Provides technical consultation on tasks; provides leadership and work guidance to less experienced personnel
----Provides recommendations of product for upgrades, patches and other general security measures in order to better secure systems for various clients. Troubleshooting and managing incidents and issues related to a custom application environment
|
|
Requirements:
-US citizenship is required for this position
-Five or more years of experience in computer science, management information systems, or data security experience
-Certification for DoD IAM 8570 compliance, Certified Information Systems Security Professional (CISSP)
-DIACAP/RMF process and implementation experience,
-Clear understanding of DODI 8500, DODI 8510, DODI 8570.01M, NIST 800-53Rev 4
-Experience with information assurance, including accreditation security testing and evaluation
-Have a broad knowledge of security methodologies, solutions and best practices
-Advanced understanding of the strengths and weaknesses of DISA STIGs
-Be comfortable using, configuring, troubleshooting, and administering both Linux and Microsoft operating systems. Experience with Virtualization technologies such as Hyper-V and VMware
-Candidate should have a solid understanding of security guidelines published by the National Institute of Standards (SP 800-53A rev4/FIPS200, SP800-171, FIPS 199/SP800-60, SP800-37, and other SP800 series as necessary)
-Experience with Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS), DISA STIG’s, and other DoD approved vulnerability scanning assessment tools
-Experience remediating SCAP and ACAS scan results
-Experience administering and managing the Host Based Security System (HBSS)
-Experience administering and managing Cisco switches and Intrusion Protection Systems (IPS)
-Experience administering and managing Windows Active Directory, Group Policy Objects and DNS
Desirable Requirements:
-Ability to code
-C++
-Powershell
-Linux command shells,
-Computer Networking experience
-Ability to document work and RMF controls
-Multilevel Security experience
|
|
| Applying for Position # 374109 Sr. Software Engineer 2 - Cyber
|
|
Details
|
|
|
|
CTS Pays For Referrals! Call us today to learn more!!
|
|
|
|
|
|
|
|
|
|
 | Loading… |
|
