Sr. Systems Security Engineer Navy Top SecretSCI Required

Dahlgren, VA - USA

Monthly Salary: Not Disclosed

Posted on: 23 hours ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Sr. Systems Security Engineer to join our program supporting the Department of Defense (DoD). This position is remote. This position requires the ability to obtain a Top Secret/SCI clearance.
Qualifications:

Six (6) years of professional experience in relation to IT security with the DoD or Navy.
Experience with vulnerability analysis risk analysis SCAP scans DISA Security Technical Implementation Guide (STIG) implementation scanning for viruses and other software that is detrimental.
Qualified experience in accreditation of systems and audits.
Conducts and leads TEMPEST testing using approved test plan the production test procedures and the current National TEMPEST Standard.
Active DoD IAT Level III certification

Duties:

Design implement and maintain secure system architectures in accordance with DoD and Navy cybersecurity standards.
Perform system security engineering activities throughout the system development lifecycle (SDLC).
Conduct risk assessments vulnerability analyses and security audits to identify and mitigate potential threats.
Develop review and maintain security artifacts including System Security Plans (SSPs) Security Assessment Reports (SARs) and Plans of Action and Milestones (POA&Ms).
Support system authorization and accreditation activities under the Risk Management Framework (RMF).
Implement security controls and validate compliance with NIST SP 800-53 and DoD 8500.01 policies.
Collaborate with network system and software engineers to integrate security solutions into system designs.
Provide recommendations for security enhancements and mitigation strategies to maintain continuous monitoring compliance.
Participate in cybersecurity incident response activities and support root cause analyses.
Conduct security testing including vulnerability scanning and penetration testing to verify control effectiveness.
Ensure all security documentation diagrams and configurations are maintained and updated regularly.
Develop and enforce secure configuration baselines in alignment with DISA STIGs and other DoD standards.
Provide subject matter expertise to leadership during technical reviews audits and risk management discussions.
Train and mentor junior engineers and cybersecurity staff in best practices for secure system engineering.
Stay current with emerging threats vulnerabilities and DoD cybersecurity policy updates.

Required Experience:

Senior IC

Six (6) years of professional experience in relation to IT security with the DoD or Navy.
Experience with vulnerability analysis risk analysis SCAP scans DISA Security Technical Implementation Guide (STIG) implementation scanning for viruses and other software that is detrimental.
Qualified experience in accreditation of systems and audits.
Conducts and leads TEMPEST testing using approved test plan the production test procedures and the current National TEMPEST Standard.
Active DoD IAT Level III certification

Duties:

Design implement and maintain secure system architectures in accordance with DoD and Navy cybersecurity standards.
Perform system security engineering activities throughout the system development lifecycle (SDLC).
Conduct risk assessments vulnerability analyses and security audits to identify and mitigate potential threats.
Develop review and maintain security artifacts including System Security Plans (SSPs) Security Assessment Reports (SARs) and Plans of Action and Milestones (POA&Ms).
Support system authorization and accreditation activities under the Risk Management Framework (RMF).
Implement security controls and validate compliance with NIST SP 800-53 and DoD 8500.01 policies.
Collaborate with network system and software engineers to integrate security solutions into system designs.
Provide recommendations for security enhancements and mitigation strategies to maintain continuous monitoring compliance.
Participate in cybersecurity incident response activities and support root cause analyses.
Conduct security testing including vulnerability scanning and penetration testing to verify control effectiveness.
Ensure all security documentation diagrams and configurations are maintained and updated regularly.
Develop and enforce secure configuration baselines in alignment with DISA STIGs and other DoD standards.
Provide subject matter expertise to leadership during technical reviews audits and risk management discussions.
Train and mentor junior engineers and cybersecurity staff in best practices for secure system engineering.
Stay current with emerging threats vulnerabilities and DoD cybersecurity policy updates.