This job listing has expired and the position may no longer be open for hire.

Cybersecurity Engineer (Government) Fort Bragg at AT&T

Posted in Other 30+ days ago.

Location: Durham, North Carolina

Job Description:
Provides security engineering designs and implementation in all aspects of Cybersecurity and Information Security (InfoSec) Engineering.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures; verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance. For security professionals providing systems security analysis, use Computer Systems Security Analysis (E121, L121). For information security professionals providing security risk and analysis, use Info Systems Security Risk and Analysis (E937, L937). The Cybersecurity Engineer supports the Information Assurance Program Management Division of the U.S. Army Reserve (USAR) G-6 at Fort Bragg.

Responsibilities include:
  • Maintain and verify compliance of USAR systems
  • Recommend best business practices and secure methodologies to maintain and/or improve security posture of USAR Information Systems, the network, and remedy deficiencies
  • Awareness of vulnerabilities and newest patches
  • verify the USAR has applied appropriate patches, STIGs, and control mechanisms as per directives
  • Assist in development and tracking of POA&Ms and work with USAR sites for timely closure
  • Provide recommendations to address gaps in compliance
  • Verify findings of Staff Assistance Visits (SAV)/site inspections have been resolved, and work with the sites to bring their sites and systems into compliance
  • Generate compliance assessment reports based on compliance data and scanning results gathered from existing tools
  • Provide expertise to resolve computer security incidents and vulnerability compliance, assessing vulnerabilities due to evolving technologies, and security engineering services with recommendations throughout project lifecycles
  • The Candidate must have the following:
  • Possess and demonstrate a level of understanding of Risk Management Framework (RMF) and DOD Information Assurance Certification & Accreditation Process (DIACAP)
  • Experience working in a team environment and possess the ability to plan and execute tasks efficiently and gather and disseminate information working with peers, subordinates and management
  • Experience with software installation/distribution and configuration management
  • Technical understanding of network computer security including processing of data from Unclassified to SECRET, server hardware and software, data bases, file systems, and integration of cryptographic components
  • Demonstrated expertise in integration of security requirements applied computer networks connected to US Government and foreign government networks
  • Ability to analyze results of CCRIs in support of Information Assurance / Computer Network Defense / Cyber Defense accreditation for unclassified and classified information systems and networks
  • Experience with developing and flowing requirements, security design definition, integration and testing
  • Experience with Information Assurance Vulnerability Management (IAVM) tools and procedures and other cyber protection tools
  • Experience with verifying compliance through analysis of CCRI, SAV, ACAS results, POA&M tracking, and analysis of mitigation efforts
  • Experience performing vulnerability analysis assessments
  • Ability to work independently under general direction with subordinates, staff and supervisors to define and translate IAVM compliance reports.

  • Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 2 years of professional experience; or no experience required with a related Master’s degree
  • DoD 8570 IAT Level 2 (Security+)
  • Possess an in-depth understanding of networking architectures and security elements to include 3 or more of the following: network and host based intrusion detection systems, antivirus, SIEM and event correlation, incident response, file integrity monitoring, full packet capture, forensics, and encryption
  • In-depth experience with vulnerability analysis assessments; experience in verification methods for determining that appropriate patches, STIGs, and control mechanisms have been applied and are compliant
  • Knowledgeable of Risk Management Framework tools and procedures
  • Familiarity with one or more of the following standards: DoD8500.1, DoD8500.2, DIACAP
  • Experience with Cyber certifications, tools and procedures
  • Experience with Cyber tool mapping and contribute to cyber tool planning
  • Experience in systems engineering, system security design and requirements analysis
  • Advanced communication and presentation skills (verbal and written)
  • Strong interpersonal, organizational and critical thinking/problem solving skills

Desired Experience, Education, and Certifications:
  • Experience working in a customer environment
  • Additional certifications for DoD Information Assurance Technical (IAT) Level II. Certification for DoD Information Assurance Manager (IAM) Level III and have one of the following certifications: GIAC Security Leadership Certification (GSLC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or Associate
  • Experience with development or review of PO&AMs and knowledgeable of POA&M tracking
  • Experience in scanning tools such as ACAS, current DIACAP or RMF repository tools such as the Enterprise Mission Assurance Support Service (eMASS)
  • Knowledgeable of DoD and Army Ports, Protocols, and Services Management (PPSM)
  • Experience with NIST RMF processes and artifact development
  • Experience developing and interpreting design requirements and implementation roadmaps, metrics and other controls to monitor and report on program progress and health
  • Degree in Cyber, Information Assurance, Computer Science, Software Engineering, Systems Engineering, or Electrical Engineering
  • Ability to work task assignments independently and effectively in a team environment
  • Ability to decompose requirements to assure accurate and efficient flow to meet and help drive business guidelines and program contractual needs

Required Clearance: Active SECRET

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V