LOCATION: Ft Belvoir, VA
STATUS: Funded
TRAVEL: Negligible
CLEARANCE: Secret
BENEFITS: 401K, Life/Health/ Dental/Disability Insurance, Paid Time Off, and Tuition Reimbursement.
DESCRIPTION: Patricio Enterprises (PE) is seeking an Information Systems Security Officer to support the Project Manager Terrestrial Sensors, Product Manager (PM) Force Protection Systems (FPS) acquisition programs and quick response capabilities. PM FPS develops, fields, and sustains persistent surveillance systems that enhance intelligence, surveillance, and reconnaissance, target acquisition, force protection, and physical security capabilities, enabling rapid situational understanding and integrated operations for United States (US) Warfighters in the US Central Command (CENTCOM), Pacific Command (PACOM), Africa Command (AFRICOM), European Command (EUCOM) Areas of Responsibility (AORs) and other locations as required.
Primary duties will include (but not limited to):
- As a member of the PM FPS Cyber Team, apply knowledge of IA policy, procedures, and workforce structure to design, develop, and implement a secure network enterprise.
- Ensure that system(s) designs support the incorporation of DoD-directed IA vulnerability solutions, e.g., IAVAs.
- Develop programmatic cybersecurity related documentation in accordance with RMF and NIST policies.
- Conduct information system security control assessments (SCAs) and apply standard auditing techniques during systems security control assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient and recommending remedial action to Government customer to ensure compliance.
- Identify risk areas of non-compliance and propose solutions to design to fulfill operational needs and meet cybersecurity requirements simultaneously.
- Develop and interpret security architectures, data flow diagrams, engineering drawings, and publications that depict the system(s) architecture.
KNOWLEDGE AND SKILLS:- DoD 8570 Level II compliance or higher certification required: CISSP, CISSP-ISSAP or CISSP-ISSEP.
- Technical knowledge in security engineering, IT systems engineering, design concepts, and principles.
- Familiarity with System Life Cycle Development (SDLC) methodologies and the 800 series of Nation Institute of Standards and Technology (NIST) Special Publications (in particular 800-37, 800-39, 800-53, 800-53A, 800-94 and 800-115), Committee National Security Systems Instruction (CNSSI) 1253, and Federal Information Security Modernization Act (FISMA).
- Knowledge in Risk Management Framework (RMF) for DoD and Army IT in accordance with DoD 8510.01 and DAPAM 25-2-14.
- Knowledge of DoD and Army regarding system engineering acquisition processes.
- Ability to address vulnerabilities and maintain product security posture while reviewing, preparing, and updating RMF authorization packages and other security documents as required.
- Ability to identify risk areas of non-compliance and propose solutions to design to fulfill operational needs and meet cybersecurity requirements simultaneously.
- Ability to develop and interpret security architectures, data flow diagrams, engineering drawings, and publications that depict the system(s) architecture
- Exceptional verbal and written communication skills, with the ability to collaborate across teams and organizations, including senior level management.
EDUCATION / EXPERIENCE:- Secret security clearance.
- Bachelor's degree. Bachelor's degree in Systems Security Engineering, Software Engineering, or Computer Science preferred.
- A minimum of (5) years experience as an Information Systems Security Engineer (ISSE) on DoD National Security Systems (NSS); Seven years of relevant experience is required if candidate does not possess a Bachelor's degree.
- Experience with Enterprise Mission Assurance Support Service (eMASS) and RMF Knowledge Service (KS) platforms.
- Experience with implementing security controls and security engineering principles for enterprise and tactical systems.
- Experience with testing methodologies, automated tools [such as DISA Security Technical Implementation Guides (STIGs) and Assured Compliance Assessment Solution (ACAS)], and plans and procedures for verification of vulnerability identification and compliance requirements.
- Experience with modern networks, operating systems, databases, and virtual computing.
- Experience analyzing information technology and system risk in complex environments and articulating results to all levels of personnel.
- Experience conducting information system security control assessments (SCAs) and applying standard auditing techniques during systems security control assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient and recommending remedial action to Government customer to ensure compliance.
PHYSICAL REQUIREMENTS AND WORK ENVIRONMENT:The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. This position has both sedentary and physical active aspects. The sedentary work requires the following physical activities: reaching, sifting, lifting, finger dexterity, grasping, feeling, repetitive motions, talking, hearing and visual acuity. The physical work requires the following physical activities: walking, bending, reaching, sifting, lifting, hand dexterity, grasping, feeling, repetitive motions, talking, hearing and visual acuity.
Employee must be able to see and hear, read and write. Requires adaptability, analyzing, assessing, calculating, decision making, dependability, good judgment, reading, memorizing, social skills, speaking, stress control, writing. Ability to understand, remember, and apply oral and/or written instructions or other information; Ability to apply common sense in performing job. Ability to communicate at a high level - compose letters, outlines, memoranda, and complex reports, communicate technical information. Ability to compute, analyze, and interpret data for reporting purposes. Ability to make decisions which have a significant impact on the department's credibility, operations, and services.
Patricio Enterprises is a federal contractor subject to the Executive Order on Ensuring Adequate Covid Safety Protocols for Federal Contractors requiring all employees to be fully vaccinated.
By applying for this position, you acknowledge that you will be required to provide proof that you are fully vaccinated upon hire, or to verify that you cannot be vaccinated due to a legally recognized exception to the vaccine mandate set forth in the Executive Order.
Note: An individual is not considered to be fully vaccinated until two weeks after receiving the last vaccine dosage in a vaccine regimen, either single shot or multiple vaccine cycle.
TRAVEL REQUIREMENTS: Negligible.
EOE. Protected Veterans/Individuals with Disabilities.Patricio Enterprises Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)