IAT2 CyberSecurity


Colorado Springs, CO
United States

Experience Required: Yes
Degree Required: Yes
Employment Type: Employee
Work Schedule: Full-Time

Job Description
Job Responsibilities
Davidson Technologies Inc. is seeking an IAT2 CyberSecurity candidate for the Sustainment and Modification of Radar Sensors (SMORS) program located in Colorado Springs, CO. Responsibilities include:
  • Perform Information System Security Officer (ISSO) duties in support of in-house and external customers.
  • Perform assessment of systems and networks within the networking environment and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits using STIG Viewer, SCAP, etc., and active evaluations such as vulnerability assessments utilizing ACAS.
  • Perform assessments of non-technical RMF artifacts and identify where those artifacts deviate from RMF control requirements.
  • Establish strict program control processes to ensure mitigation of risks and support obtaining assessment and authorization of systems. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
  • Assist in the implementation of the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, participating in and documenting process activities.
  • Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards.
  • Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization.
  • Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M).
  • Periodically conduct a complete review of each program support and operational system's audits and monitor corrective actions until all actions are closed.
  • Coordinate across the program to address identified deficiencies during RMF assessment activities.
Qualifications
Requirements:
  • Current Security+ certification required to start
  • Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.).
  • Thorough understanding and utilization of Enterprise Mission Assurance Support Service (eMASS)
  • Familiarity with the Risk Management Framework (RMF) Cybersecurity Lifecycle, to include: identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, providing analysis of vulnerability analyses, and conducting verification testing for compliance assessment.
Desired Competencies/Experience/Certifications:
  • Experience creating and updating Python scripts
  • Experience with Software Assurance (SwA) static and dynamic code analysis
  • Experience with Security Information and Event Management (SIEM) solutions (e.g. QRadar/LogRhythm)
  • Experience with Host Based Security System (HBSS)
  • Experience with the Xylok RMF Compliance Auditing application
Clearance Requirements:
Must possess a Secret Security Clearance