Senior Information Assurance Engineer at KBR, Inc in Lexington Park, MD
Role and Responsibilities The successful candidate for this Senior Information Assurance (IA) Engineer position will be part of the KBR team supporting the The Program Executive Office (PEO) Manpower, Logistics, and Business Solutions (MLB) Logistics IT (LogIT) portfolio to manage the Risk Management Framework (RMF) accreditation requirements for the Data Exchange and Data Environment referred to as the (DEx). The Senior IA Engineer will manage a team of IA professionals to support the Government in obtaining an Interim Approval to Test (IATT) and/or an Approval to Operate (ATO) for the DEx solution which includes the contractor developed DEx connector/interface solution prior to Limited Deployment (LD) leveraging the NAVAIR IaaS and CANES accreditations. Vendor support is defined as the following:
i. RMF Step 1 - Assist the Government with system categorization Provide DEx connector/interface technical inputs to the Government in assisting them with updates to the following documents:
System Security Plan (SSP), Security Concept of Operations (ConOps), and Risk Assessment Report (RAR). Participate in the RMF customer review, preparing DEx presentation material and perform agreed upon actions based on the reviews ii. RMF Step 2 - Assist the Government with establishing security control baseline Provide DEx connector/interface inputs to the Government to assist with their Security Requirements Traceability Matrix (SCTM) and Continuous Monitoring (ConMon) documents iii. RMF Step 3 - Provide security control documentation to the Government Provide DEx connector/interface inputs to the Government to assist with their Threshold Formation Module (TFM), Security Authorization Package (SAP), Security Features Users Guide (SFUG) documents (Deliverable 3.0, TO 1.11 Technical Inputs - Accreditation Artifacts) Implement Security Technical Implementation Guide (STIGs), IAVMs and conduct hardening, for only the DEx differences, and Verify Security Control Assessment Procedures, for only the DEx differences Duties include:
Planning, implementation, upgrades, or monitoring security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safe guard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses. Shall possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others. The Senior IA Engineer shall have hands-on IA operational experience. The Senior Information Assurance/Security Specialist is responsible for the complex IA requirements across all four services in the DoD environment. The Senior IA Engineer shall; provide technical security guidance in all phases of system accreditation requirements ensuring they are coordinated and communicated across the participant activities; provide technical assistance in developing operational and systems architectural products; assist testing and identifying security vulnerabilities to provide guidance on mitigating risks to systems; be experienced and successful at solving complex cyber security issues; enjoy working in a dynamic, responsive, and collaborative environment; and be dedicated to the success of our customers against advanced, persistent threats. Responsible for day-to-day project IA team task execution of contract performance managing all aspects of the DEx project management to including contract technical team engagement, Coordinate IA task project schedule, plan of action and milestones (POA&M), and deliverables with partners Will interface one on one and in team meetings daily with the DEx customer and program technical team members Will coordinate with the government on integrating required Software Maintenance, Information Assurance Vulnerability Alert (IAVA), Information Assurance Vulnerability Bulletin (IAVB), and Information Assurance Vulnerability Management (IAVM). Will support cyber security tasks for the DEx solution to maintain configuration controlled and certified within a specified government Infrastructure as a Service (IaaS), Agile Core Services (ACS) Collaborative Staging Environment (CSE) and hosted Virtual Machine (VM) environments. Will support cyber security tasks to obtain Interim Authorization to Test (IATT), and Authority to Operate (ATO) prior to Limited Deployments (LD) leveraging existing accreditations. Responsible for the delivery of an Integrated Master Schedule (IMS) to include all activities required to meet the key milestones and the Limited Deployment (LD) delivery. Will participate in Government risk assessment program with adherence to the LOGIT PMO Risk Management Plan (RskMP). Will prepare briefing charts, scheduled meetings, kept records and record minutes, prepared after-action reports in support of technical reviews and investment reviews Will be required to understand many aspects of Navy integration, test, and deployment technologies This position may require travel occasionally to support operations located at various DoD Ranges Knowledge / Skills / Abilities Demonstrated experience and success leading complex projects and efforts in a DoD environment Demonstrated experience with DoD Integration, test, and deployment Demonstrated experience with DoD acquisition processes and execution Candidate must be a high performer, with experience in integration, test, and deployment of Ship, Shore, and Integrated Development Environment (IDE) solutions with equivalent experience/combined education. Knowledge of DoD Cybersecurity policies to include DoD 8570.01-M, DoDI 8500.1, and 8510.01 RMF for DoD IT systems. Leadership and Team Building skills. Ability to communicate effectively with technical and senior leaders. Excellent computer skills, specifically in Microsoft Word, Excel, and PowerPoint Excellent interpersonal skills, oral and written communication skills, and strong personal motivation are preferred. Ability to work independently and provide appropriate recommendations for optimal analysis and development. Excellent written and verbal communications skills are required. Must be customer focused and a team player. Desired Knowledge of LD activities to support squadrons (SQN), Fleet Readiness Centers (FRCs), Marine Aviation Logistics Squadron (MALS), and destroyer class ship (DDG). Knowledge of PEO MLB Programs and Projects Education and Experience Bachelor's Degree in engineering, computer science, or related field and a minimum of 15 years related IA experience, with average experience of 20
years. Certified Information Systems Security Professional (CISSP) certification preferred Additional Notes Must be a US citizen. Must currently have and/or be capable of obtaining a security clearance Active Secret clearance required; Active TS with SCI eligibility is a plus
Salary Range:
$250K -- $500K+
Minimum Qualification
Software Development, Quality AssuranceEstimated Salary: $20 to $28 per hour based on qualifications.
i. RMF Step 1 - Assist the Government with system categorization Provide DEx connector/interface technical inputs to the Government in assisting them with updates to the following documents:
System Security Plan (SSP), Security Concept of Operations (ConOps), and Risk Assessment Report (RAR). Participate in the RMF customer review, preparing DEx presentation material and perform agreed upon actions based on the reviews ii. RMF Step 2 - Assist the Government with establishing security control baseline Provide DEx connector/interface inputs to the Government to assist with their Security Requirements Traceability Matrix (SCTM) and Continuous Monitoring (ConMon) documents iii. RMF Step 3 - Provide security control documentation to the Government Provide DEx connector/interface inputs to the Government to assist with their Threshold Formation Module (TFM), Security Authorization Package (SAP), Security Features Users Guide (SFUG) documents (Deliverable 3.0, TO 1.11 Technical Inputs - Accreditation Artifacts) Implement Security Technical Implementation Guide (STIGs), IAVMs and conduct hardening, for only the DEx differences, and Verify Security Control Assessment Procedures, for only the DEx differences Duties include:
Planning, implementation, upgrades, or monitoring security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safe guard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses. Shall possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others. The Senior IA Engineer shall have hands-on IA operational experience. The Senior Information Assurance/Security Specialist is responsible for the complex IA requirements across all four services in the DoD environment. The Senior IA Engineer shall; provide technical security guidance in all phases of system accreditation requirements ensuring they are coordinated and communicated across the participant activities; provide technical assistance in developing operational and systems architectural products; assist testing and identifying security vulnerabilities to provide guidance on mitigating risks to systems; be experienced and successful at solving complex cyber security issues; enjoy working in a dynamic, responsive, and collaborative environment; and be dedicated to the success of our customers against advanced, persistent threats. Responsible for day-to-day project IA team task execution of contract performance managing all aspects of the DEx project management to including contract technical team engagement, Coordinate IA task project schedule, plan of action and milestones (POA&M), and deliverables with partners Will interface one on one and in team meetings daily with the DEx customer and program technical team members Will coordinate with the government on integrating required Software Maintenance, Information Assurance Vulnerability Alert (IAVA), Information Assurance Vulnerability Bulletin (IAVB), and Information Assurance Vulnerability Management (IAVM). Will support cyber security tasks for the DEx solution to maintain configuration controlled and certified within a specified government Infrastructure as a Service (IaaS), Agile Core Services (ACS) Collaborative Staging Environment (CSE) and hosted Virtual Machine (VM) environments. Will support cyber security tasks to obtain Interim Authorization to Test (IATT), and Authority to Operate (ATO) prior to Limited Deployments (LD) leveraging existing accreditations. Responsible for the delivery of an Integrated Master Schedule (IMS) to include all activities required to meet the key milestones and the Limited Deployment (LD) delivery. Will participate in Government risk assessment program with adherence to the LOGIT PMO Risk Management Plan (RskMP). Will prepare briefing charts, scheduled meetings, kept records and record minutes, prepared after-action reports in support of technical reviews and investment reviews Will be required to understand many aspects of Navy integration, test, and deployment technologies This position may require travel occasionally to support operations located at various DoD Ranges Knowledge / Skills / Abilities Demonstrated experience and success leading complex projects and efforts in a DoD environment Demonstrated experience with DoD Integration, test, and deployment Demonstrated experience with DoD acquisition processes and execution Candidate must be a high performer, with experience in integration, test, and deployment of Ship, Shore, and Integrated Development Environment (IDE) solutions with equivalent experience/combined education. Knowledge of DoD Cybersecurity policies to include DoD 8570.01-M, DoDI 8500.1, and 8510.01 RMF for DoD IT systems. Leadership and Team Building skills. Ability to communicate effectively with technical and senior leaders. Excellent computer skills, specifically in Microsoft Word, Excel, and PowerPoint Excellent interpersonal skills, oral and written communication skills, and strong personal motivation are preferred. Ability to work independently and provide appropriate recommendations for optimal analysis and development. Excellent written and verbal communications skills are required. Must be customer focused and a team player. Desired Knowledge of LD activities to support squadrons (SQN), Fleet Readiness Centers (FRCs), Marine Aviation Logistics Squadron (MALS), and destroyer class ship (DDG). Knowledge of PEO MLB Programs and Projects Education and Experience Bachelor's Degree in engineering, computer science, or related field and a minimum of 15 years related IA experience, with average experience of 20
years. Certified Information Systems Security Professional (CISSP) certification preferred Additional Notes Must be a US citizen. Must currently have and/or be capable of obtaining a security clearance Active Secret clearance required; Active TS with SCI eligibility is a plus
Salary Range:
$250K -- $500K+
Minimum Qualification
Software Development, Quality AssuranceEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
