Location: Fort Meade, MD
Status: Regular Full-Time
Minimum Clearance: Secret
Brooksource is looking for a Cyber Security Analyst/Engineer to work as a member of a team supporting DISA. The CS Engineer will assist with the creation, update, and maintenance of System Security Plans and artifacts related to achieving and maintaining A&A of multiple enclaves. The successful candidate will provide continuing security engineering support for the DISA Global Video Services (GVS) legacy appliance based infrastructure as well as the virtual cloud hosted GVS infrastructure, ensuring all Cybersecurity requirements are compliant with all applicable DoD/DISA Cybersecurity requirements, directives, regulations, and US Laws; support and maintain the overall GVS accreditation/authorization status including analyzing and evaluating hardware and software changes related to the resolution of IAVAs/IAVBs for IP video systems and products that are operational and that are being implemented and deployed; provide and maintain all the security documentation necessary to achieve and maintain ongoing security accreditation/authorization for Government approval; analyze Information Assurance IAVAs/IAVBs related to the system operation and provide remediation guidance.
- Understand/document information system specifications including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
- Work with senior engineers to advise application owners on multiple courses of action in an environment with changing unconfirmed CS policy, e.g., NIST RMF.
- Document multiple courses of action and identify risk mitigation recommendations in accordance with CS policy and best practices, with associated benefits/drawbacks to each.
- Understand and recommend implementation and strategies for using DoD security and accreditation systems with respect to data elements, e.g., EMASS.
- Apply enterprise security frameworks and capabilities, such as FISMA, NIST SP800, etc. towards existing initiatives such as migrating systems to cloud environments.
- Inform application owners on required testing, validation, and audit requirements, including annual Federal Information Security Act (FISMA), DISA CCRI, and other ARCYBER computer network defense security validation mechanisms.
- Advise application owners on required system CS artifacts/processes, including Authority to Operate, System Acceptance Testing Authorities, and related approvals.
- Identify and document required business user functionality and directly associated applicable CS requirements. Ability to identify and recommend CS-compliant solutions that meet customer requirements.
- 5+ years performing DIACAP and RMF compliance as a Cybersecurity specialist/engineer.
- Demonstrated knowledge and the ability to analyze systems for Cybersecurity compliance.
- Ability to work in fast-paced, team-oriented environment.
- Knowledge of DoD policies and risk assessment methodologies.
- Experience in writing or executing system security documentation, authorization to operate packages, POA&Ms, and policies.
- Experience in reviewing/editing/writing technical documents.
Clearance and Education
The selected candidate must have an active Secret Clearance to start employment.
- US CITIZENSHIP is required.
- DoD 8570.01-M IAT-II certification is required.
- BS; Education may be substituted for experience on a case by case basis
Brooksource provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, national origin, age, sex, citizenship, disability, genetic information, gender, sexual orientation, gender identity, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws.