Senior Cyber Security Engineer
8 - 10 years experience • IT Consulting/Services
About Falconwood, Inc:
Falconwood, Inc. is a small, woman/veteran-owned business providing executive level consultants and engineering support to a Program Executive Office (PEO) providing the Department of the Navy (DoN) with capable, secure, and affordable enterprise information technology (IT) solutions.
We provide expert consultation on a diverse range of IT subjects focusing on acquisition strategy, implementation activities and Information Assurance policy and engineering.
We have an immediate opening for a Senior Cyber Security Engineer supporting strategic planning and execution of Information Assurance and Technical Authority (IA TA) domain to develop the Cybersecurity Reference Architecture (CSRA) and Implementation Guide across the PEO portfolio of programs.
Job Code: FWI-EIS-SCE
*Minimal travel may be required.
The Cyber Security Engineer will:
Create comprehensive cybersecurity strategy for a PEO within the Department of the Navy.
Develop comprehensive cybersecurity reference architecture and implementation guide for a PEO
Develop Defense-in-Depth Functional Implementation ArchitectureNetwork Transformation (DFIANT) Implementation Guide
Support ArchitectureWorking Group (AWG) to develop Information Assurance Technical Authority (IA TA) reference architecture for Cybersecurity
Develop security mitigations and countermeasures for intrinsic system and product vulnerabilities
Response to Cybersecurity data calls and otherreporting functions as assigned.
Advise the PEO Engineering and Security Certification Authority (SCA), PEO Cybersecurity Technical Directors and Leads on all IA and security matters concerning intrusions, targeted attacks, and emerging threats against Navy networks, systems, and applications.
- Collaborate with systems engineering and enterprise architectureworking groups across PEOs and Program Management Offices to capture as is Cybersecurity capabilities, identify gaps, and develop reference architecture and standards.
- Collect, analyze, and report compliance with Navy/DOD Cyber Directives
- Collaborate with multiple Engineering and Cybersecurity disciplines to ensure security safeguards and features are integrated into enterprise system and solution designs.
- Develop Enterprise Accreditation Strategy and Guide to support FISMA DIACAP reporting of 1000+ site and system type accreditations compliant with DODI 8510.01
- Cyber Security SME for securityrisk management supporting Engineering Change Control Board, Boundary Change Requests, Enterprise Residual Risk Process, as requested by the Navy Authorizing Official
- Develop implementation standards and guides to transition the Navy from DIACAP to Risk Management Framework (RMF)
- Develop and update Cybersecurity Tactics, Techniques, and Procedures (TTPs) as required to support Navy Defense-in-Depth Implementation Architecture to pace with advanced and persistent Cybersecuritythreats
- Perform risk assessment of Navy networks, systems, and applications as directed by PEO Portfolio of Programs.
- Provide technical advice and expertise to PEO Portfolio of Programs for IA and C&A capabilities.
- Liaison to Computer Network Defense (CND) Afloat and Ashore programs
- Perform gap analysis between CND implementations across the Navy and DOD platform boundary and enclave boundary
- Support teams of IA Engineers to conduct Systems Engineering Technical Review (SETR) events to ensure solutions comply with IA TA standards as directed
- Minimum DoD SECRET clearance
- BS in Computer Science/Information Systems/Engineering, or a strong grasp of Computer Science/Information Systems and relevant experience
- Have valid Cyber Security certification in accordance with DoD 8570 IAT II requirements
- Excellent oral and written communication and outstanding customer service skills
- Expert knowledge of Security Technical Implementation Guides (STIG) Security Requirements Guide (SRG)
- Knowledge of Information Assurance and Technical Authority (IA TA) Standards and DISA FSO IA Standards
- Familiarity with SPAWAR 5.0 Engineering organization and strategic plan
- Familiarity with PEO EIS and its Portfolio of Enterprise Business Systems