Description
ActioNet is seeking a Lead Cybersecurity Engineer to join our team in Vienna, VA. Responsible for all cybersecurity architecture and vision across the program. Selects applicable RMF controls and ensures engineers apply them.
Salary range for this position is up to $250,000, depending on qualifications, including relevant certifications, education, years of experience, and demonstrated experience supporting Federal Government programs within the field. Candidates with specialized expertise, industry-recognized certifications, and strong Federal contracting experience may be considered at the higher end of the range.
Responsibilities
- Oversees ATO testing, collection of bodies of evidence, and documentation. Ensures network vulnerabilities (IAVA, CVE) are understood and remediated.
- Serves as the technical authority and SME on information security RMF for DoD and NIST RMF accreditation testing and evaluation. Performs as Cybersecurity Lead and technical expert across multiple BIM TOs.
- Experienced in the DoD RMF process.
- Interacts with USG RMF personnel and participates in Cybersecurity meetings.
- Holds an IAM Level III certification.
- Formulates and implements security certification methods for projects/programs conforming to DoD and Federal cybersecurity requirements.
- Enforces Enterprise-level, established security policies.
- Advises on best practices of design, development, and continuous monitoring of an information system, developing and updating process documentation as needed.
- Advises on vulnerability management and security scanning practices.
- Applies knowledge of IA policies, procedures, and workforce structures to design, develop, and implement secure networking, computing, and enclave environments, establishing proper security handling of USG data.
- Supports security planning, assessment, risk analysis, and risk management using the RMF in execution of the RMF processes, including the completion of RMF process steps in eMASS, the development of RMF artifacts (Security Plan, POA&M, Continuous Monitoring Plan, Risk Assessment Report, etc.), and the implementation and assessment of Security CCIs.
- Conducts briefings and provides metrics as required by executive management.
- Addresses C-SCRM requirements with the Logistician; ensures proper identification and mitigation of cyber-supply chain risks.
Required Qualifications & Skills
- Degree: Technical BA/BS degree;
- Experience: 7 years with BA/BS degree;
- Commensurate: High School diploma or associate degree plus a minimum of 10 years of experience as a Cybersecurity Engineer on large, complex programs/systems;
- Specific Skills: Minimum of 2 years of experience leading/managing a cybersecurity team; experience working with DoD or USG programs; proficient with MS Office Suite (Word, Excel, PowerPoint, Visio);
- Certification(s): DoDI 8140.03 IAM Level III, CISSP, and CISM;
- Clearance: Secret
Preferred certifications
Candidates possessing one or more of the following certifications are strongly preferred:
- Certified Information Systems Security Professional (CISSP) (in addition to required baseline, preferred for depth of expertise)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA) or GIAC Security Leadership (GSLC)
- GIAC Security Essentials (GSEC) or other GIAC technical cybersecurity certifications (e.g., GCIH, GCIA)
- Certified Cloud Security Professional (CCSP)
- CompTIA Advanced Security Practitioner (CASP+)