Isys Technologies

Cyber A&A Engineer

Isys Technologies$90K — $120K *
Aerospace & Defense
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3+ years of related experience in cybersecurity or a related field
  • Active Top Secret clearance required
  • IAT Level II/IAM Level I certification (e.g., Security+CE)
  • Strong understanding of DoD/Federal cybersecurity policies
  • Knowledge of Enterprise Mission Assurance Support Service (eMASS)
  • Familiarity with Risk Management Framework cybersecurity lifecycle
  • Experience with Software Assurance static and dynamic code analysis tools

Responsibilities

  • Process and validate user account forms and required training for cybersecurity accounts
  • Assess systems and networks to identify deviations from security policies
  • Conduct STIG assessments and hardening for various operating systems
  • Develop test plans to evaluate STIG implementation effectiveness
  • Update RMF documentation to track non-compliance and remediation efforts
  • Establish processes for risk mitigation and system authorization
  • Assist in implementing government cybersecurity policies and process recommendations

Benefits

  • Competitive compensation package
  • Comprehensive benefits including health, dental, and vision insurance
  • Opportunities for professional development and career growth
  • Supportive work environment focused on innovation and teamwork
  • Paid time off and flexible work arrangements
Full Job Description
Minimum Clearance Required
Top Secret Responsibilities

I2X Technologies is seeking a Cyber A&A Engineer to support ongoing activities for a customer in Colorado Springs, CO. This position will be on-site and will require an active Top Secret clearance. 

 

  • Process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, perform annual validation of accounts, and work with system administrator on creation, modification, and removal of accounts
  • Perform assessment of systems and networks within a virtual environment and identify where those systems deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits using STIG Viewer, SCAP, etc and active evaluations such as vulnerability assessments utilizing ACAS.
  • Perform Security Technical Implementation Guide (STIG) assessments and hardening for both Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment utilizing ConfigOS
  • Develop test plans reflecting how STIG checks are implemented and be able to show expected outcomes of those checks
  • Update Risk Management Framework (RMF) artifact documentation to ensure system hardening non-compliant is tracked and remediated
  • Establish strict program control processes to ensure mitigation of risks and supports obtaining assessment and authorization of systems. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
  • Assist in the implementation of the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, participating in and documenting process activities.
  • Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards
  • Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization
  • Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M)
  • Periodically conduct a complete review of each program support and operational system's audits and monitor corrective actions until all actions are closed
  • Coordinate across the program to address identified deficiencies during RMF assessment activities
Qualifications

Required Experience:

  • 3+ years of related experience and may have post- secondary degree or training in a related discipline
  • Active Top Secret clearance required to start
  • IAT Level II/ IAM Level I DoD 8570 certification (Sec+ CE or equivalent)
  • Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.)
  • Understanding and utilization of Enterprise Mission Assurance Support Service (eMASS)
  • Understanding of Risk Management Framework (RMF) Cybersecurity Lifecycle to include: identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, providing analysis of vulnerability analyses, conducting verification testing for compliance assessment
  • Knowledge of Software Assurance (SwA) static and dynamic code analysis (e.g. Fortify/SonarQube)

 

Desired Experience and Skills

  • Windows and Red Hat Enterprise Linux (RHEL) system administration skills
  • Previous background working in a virtual environment
  • Previous background working with dockers and containers
  • Administer ACAS and ESS (formally HBSS)- Previous experience with ConfigOS

 

 

Essential Requirements:

US Citizenship is required.

 

In compliance with Colorado’s Equal Pay for Equal Work Act, the annual base salary range for this position is listed . Please note that the salary information is a general guideline only. I2X Technologies considers factors such as (but not limited to) scope and responsibilities of the position, candidate’s work experience, education/training, key skills, internal peer equity, as well as, market and business considerations when extending an offer.

 

Physical Demands:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job with or without reasonable accommodation.

 

While performing the duties of this job, the employee will regularly sit, walk, stand and climb stairs and steps. May require walking long distance from parking to work station. Occasionally, movement that requires twisting at the neck and/or trunk more than the average person, squatting/ stooping/kneeling, reaching above the head, and forward motion will be required. The employee will continuously be required to repeat the same hand, arm, or finger motion many times. Manual and finger dexterity are essential to this position. Specific vision abilities required by this job include close, distance, depth perception and telling differences among colors. The employee must be able to communicate through speech with clients and public. Hearing requirements include conversation in both quiet and noisy environments. Lifting may require floor to waist, waist to shoulder, or shoulder to overhead movement of up to 20 pounds. This position demands tolerance for various levels of mental stress.

 

I2X Technologies is an Engineering and Information Technology Company focused on providing Services to the Federal and State Government. I2X offers a competitive compensation program and comprehensive benefits package to our employees.

About Isys Technologies

ISYS Technologies is an information technology services company that provides engineering, integration, and sustainment services to government and commercial clients. ISYS Technologies is headquartered in Colorado and has offices in Virginia, Maryland, and Washington. ISYS Technologies' services include systems engineering, software development, cybersecurity, and data analytics. ISYS Technologies' clients come from a variety of industries, including aerospace, defense, and intelligence. ISYS Technologies was founded in 2004 and has grown to become one of the fastest-growing companies in the United States.
Learn more about Isys Technologies
Size
650 employees
Industry
Net Income
$5 million
Founded
2004
5 Year Trend
+50%
Revenue
$100 million

Similar Jobs

More Jobs at Isys Technologies

More Aerospace & Defense Jobs

Find similar Cyber A&A Engineer jobs: