Envistacom is a privately held technology company that provides counterterrorism, cybersecurity and communications solutions to U.S. and coalition partners in the aerospace, defense and intelligence communities. Customers rely on Envistacom for innovative technology and subject-matter expertise to achieve their missions in identifying and defeating global threats. Envistacom is a trusted partner in protecting military personnel, civilians and critical infrastructure around the world
The Senior RMF Cybersecurity Engineer will work with a team of Senior Cybersecurity specialists to provide expert consultation across a wide range of cross-functional areas of Cyber Security in support of the Army’s mission. The Cybersecurity Engineer (Senior) will provide project planning, guidance and technical expertise in the following areas: Cyber Security engineering program, policy, process, and planning; risk management, auditing, and assessments; Assessment and Authorization (A&A) using the DoD Risk Management Framework (RMF) guidelines; and quality planning and control.
Knowledge, Skills, and Abilities:
Hands-on Experience using the following Tools:
Lead and manage Cyber Security team in an operations and maintenance environment. Use industry best practices in cyber security and security engineering related to vulnerability management, intrusion. Assist with development and maintaining Memorandum of Agreement (MOA) and end-to- end Standard Operating Procedures (SOPs) to identify collaborative responsibilities and support process interaction with Army and other Government agencies. Develop and maintain a detailed policy matrix mapping DoD, and agency policies to the required security controls as identified by DoDI 8510 DoD RMF. Documents include but are not limited to: Standard Operating Procedures (SOPs) Agency Training (e.g., cyber awareness, computer incidents, malicious codes, etc.).
Advise system owners on all matters, technical and otherwise, involving the security of assigned capabilities and systems. Develop standard operating procedures in accordance with security control requirements. Perform continuous monitoring of security controls to ensure that they continue to be implemented correctly, operating as intended and producing the desired outcome with respect for meeting the cybersecurity requirements for assigned capabilities. Work with technical teams to mitigate security control deficiencies for assigned capabilities. Assess the cybersecurity impact of changes to assigned capabilities. Conduct self-assessments of security controls, identify weaknesses and track remediation activities in Plan of Action and Milestones (POA&M).
Conduct technical vulnerability assessments and prioritize and track remediation efforts. Provide the required system access, information, and documentation to security assessment and audit teams. Participate in security assessments and audits for assigned systems and facilitate obtaining evidence for data requests. Complete required A&A (Assessment and Authorization) activities on assigned IT systems. Assist federal staff in assessing new applications, identifying applicable DoDI RMF requirements and advising system owners of the process.
Perform ISSO tasks in accordance with DoDI 8510 requirements. Ensure that the appropriate operational cybersecurity posture is maintained for assigned capabilities.
Develop, update and maintain the System Security Plan (SSP) for assigned systems to include:
Bachelor's degree (or higher) in related field
Licenses or certifications:
Verifiable IAM and IAT Certification (CISSP, CISM, CAP or GSLC)
Envistacom is proud to be an Affirmative Action/Equal Opportunity Employer. Envistacom provides equal employment opportunity for all persons, in all facets of employment and maintains a drug free workplace and performs pre-employment substance abuse testing and background checks. We encourage minorities, women, veterans, LGBT and disabled individuals to apply.
Please - no recruiters or staffing agencies