Cyber Security Engineer in Colorado Springs, CO

$150K - $200K(Ladders Estimates)

DECISIVE ANALYTICS Corporation   •  

Colorado Springs, CO 80903

Industry: Aerospace & Defense

  •  

8 - 10 years

Posted 29 days ago

Decisive Analytics Corporation is looking for an Intermediate Cybersecurity Engineer to join our team in Colorado Springs, CO supporting the MDA Security Control Assessors (SCA) as the Independent Verification and Validation (IV&V) team by performing complete and thorough risk assessments for the MDA.

Responsibilities

Daily responsibilities include performing risk assessments on packages submitted from the Information System Security Manager (ISSM) in Enterprise Mission Assurance Support Service (eMASS) and examining results of vulnerability analysis, STIG, SRG, IAVM and cybersecurity control compliance in order to perform a detailed risk assessment. These submissions include System Security Plans (SSP), Interim Authorization To Test (IATTs), Authorization to Operate (ATO), and Authorization to Connect (ATC). The Risk Assessment process evaluates data from many sources to develop a holistic assessment that enables the Authorizing Official (AO) to make an authorization decision. This process takes vulnerabilities associated with noncompliant RMF controls and evaluates their risk to the mission and the agency to arrive at a residual risk. The CRA Engineer position is responsible for executing and documenting risk assessments, including interacting directly with the SCAs and the ISSMs and their Cybersecurity support staff, and supporting the AO signing.

Qualifications

Qualifications:

  • Successful candidate will understand the Risk Management Framework (RMF) and the NIST 800-53 RMF Security Control Catalog
  • Experience assessing compliance and performing risk assessments
  • Strong technical writing skills are required for producing Risk Assessment Reports and writing assessments that will be presented to the SCA and the AO for decision
  • 10 years of IT experience, with at least 5 years of advanced cybersecurity experience
  • Capable of leading and executing advanced Cybersecurity Risk Analysis efforts
  • Detail-oriented and mission-focused
  • Ability to work on a broad spectrum of information systems
  • Possess significant knowledge of the Risk Management Framework as well as DoD and NIST guidance related to performing risk assessments
  • Experience with the eMASS tool and repository is highly desired
  • DoD 8570.01-M IASAE Level II Certification required
  • Secret security clearance required; Top Secret preferred
  • Cyber Threat Analyst background and experience in Cloud authorization strategies is desired

Education: A Bachelor's Degree in a technical field is desired but real world experience counts too!

Valid Through: 2019-11-11