Cyber SecurityEngineer

Location: Randolph AFB (Texas)

Clearance Required: Secret

Anticipated Start Date: Immediate

PCI is actively seeking aCyber SecurityEngineer to ProvideCyber Security support at Randolph AFB, TX.

Responsibilities:

  • Function as a Cybersecurity subject matter expert for DoD clients in a fast-paced environment
  • Develop DoD RMF Assessment and Authorization (A&A) documentation for Department of the Air Force Human Resource System Division systems
  • Process Risk Management Framework (RMF) Assessment & Authorization (A&A) packages to include artifact generation, requirement analysis, security test and evaluation (ST&E) planning and execution, system categorization, security control selection, security control implementation, security control assessment, risk assessment and analysis, and development of Plans of Action and Milestones (POA&M), systems analysis and hardening strategies, incident response and policy analysis, trusted product evaluation, and IA assessments
  • Develop and manage security documentation in support of FISMA requirements, e.g., security categorizations, system security plans, privacy impact assessments, configuration management plans, vulnerability assessment reports, etc.
  • Lead security risk assessments of information systems and provide critical written and oral analyses of network and system vulnerability scans and Security Technical Implementation Guide (STIGs)
  • Detailed understanding of FISMA, NIST 800 series, Federal RMF and ability to articulate such guidelines, policy and processes
  • Authoring and maintaining security documentation such as System Security Plans, Risk Assessment, ST&E Plans, Incident Reports, POA&Ms, etc.
  • Familiar with penetration testing techniques and web application scanners and firewalls technologies
  • Strong knowledge of data network protocols, design and operations, TCP/IP, Ethernets, etc.
  • Working knowledge of DIACAP, DoDI 8500.01, DoDI 8510.01, DoD RMF Knowledge Service, and NIST SP 800-37 Risk Management Framework (RMF) principles, concepts, and practices
  • Working knowledge of eMASS including version 5.1 which includes RMF
  • Experienced working with large corporate, military or other enterprise environments
  • Excellent written and verbal communication skills and client focus a must
  • Working knowledge of system and network security engineering best practices, and a solid understanding of TCP/IP
  • Working knowledge of the SDLC, System Development Life Cycle
  • Working knowledge of Configuration Management Program implementation and activities
  • Working knowledge of defense in depth, access control mechanisms, auditing mechanisms and validating requirements, and identification and authentication mechanisms
  • Working knowledge of Operating System platforms (i.e. Windows, Linux) and approved NSA/DHS/industry hardening methods
  • Must be a customer service-oriented
  • Must have the ability to work in a dynamic environment and meet projected suspense dates

Qualifications:

  • Security+ Required
  • Other security certifications (e.g. CISM, CISSP, SSCP) are a plus
  • Must have the ability to obtain an Active Secret Security Clearance

PCI Strategic Management is a premier management consulting firm that assists organizations in defining and executing their strategic vision. PCI is a veteran-owned small business providing

professional services, technical solutions, and management consulting primarily to the

U.S. Department of Defense and Intelligence Community Clients.

PCI is headquartered in Columbia, MD and is an Equal Opportunity Employer.