System Security Engineer

San Diego, CA, United States

Cask is a leading Management Consulting firm specializing in delivering business and technical expertise to clients across commercial and government markets. Join the many happy employees at Cask! We have been named a top 5 firm to work for by Consulting Magazine for 5 of the past 6 years.

Candidate will be providing Information Security Analytics Support to Command, Control, Communications, Computers, Combat Systems, and Intelligence (C5I) / Cyber Readiness Program Mission and Infrastructure Support Services to Commander, Naval Surface Forces, Pacific (CNSP) N6 Department Staff and Divisions. Specific duties are listed below.

Responsibilities

Provide cybersecurity and Risk Management SME(s) with documented experience, capabilities, training, and technical certification in accordance with DoD 8140 and SECNAV 5239 requirements

Proven experience in Assured Compliance Assessment Solution (ACAS) scanning procedures and Security Center development

Proven experience in Host Based Security System (HBSS) to include policy development and tuning for all DOD-mandated point products

Patching experience for both Windows and Linux systems.

Risk Management Framework (RMF) Support. Perform RMF support in accordance with DoDI 8510.01 "Risk Management Framework (RMF) for DoD Information Technology, including control validation, documentation development and support, Navy Approving Official (NAO) coordination assistance, and continuous monitoring support, as required, for CNSP Centrally Managed Programs (CMPs).

Develop and maintain the cybersecurity architecture of the CMP, perform Business Case Analysis (BCA) development, and perform required site surveys for both site and system Authority to Operate (ATOs).

Perform all required and approved Information System Security Engineer (ISSE) RMF process steps including the following:

Overseeing the development and maintenance of a system's cybersecurity solutions

Identifying system type (IS, PIT, IT product, IT service) and any special considerations including multi-service/agency, joint, cross domain, Privacy Impact Information (PII), Protected Health Information (PHI), tactical, space, etc., to support RMF Step 1 System Categorization.

Identifying the security control baseline set and any applicable overlays and tailoring

Perform development, maintenance, and tracking of the SP.

Perform security control implementation and testing efforts.

Initiating the Risk Assessment Report (RAR).

Perform security testing required as part of Authorization and Accreditation (A&A) or annual reviews, to include scanning, patching, and HBSS implementation and policy development.

Mitigate and close open vulnerabilities under the system's change control process

Participate in any related meetings or teleconferences with assessors, validators, or approving authorities to support A&A requirements.

Develop the documents required for Authority to Operate (ATOs) decisions and maintaining compliance.

Support eMASS, DITPR-DON, and DADMS entries for CMPs.

Support VRAM tracking, acknowledgment, and scanning, as required, for CMPs.

Command Policy development. Perform research and development of command cybersecurity and information assurance policies under the Force ISSM's purview.

Inspection support. Perform research and development of requirements and processes for command cybersecurity and information assurance inspections.

Develop briefs, checklists, and documentation necessary to self-assess and conduct inspection requirements.

Spillage and SITREP Support. Provide track command Situation Report (SITREP) actions, reports, and submittals.

Perform e-spillage coordination, tracking, and reporting.

Requirements Must possess and maintain an active U.S Government SECRET Clearance.

Bachelor's Degree preferred but not required.

Strong leadership, organizational, planning, communication, and time management skills; the ability to multi-task and work against strict deadlines is critical.

Strict attention to detail - must be detail oriented.

Availability and willingness to lift materials up to 50 lbs., and perform squatting, kneeling, and extended standing.

Ability to travel occasionally, up to 25%.

Must possess and maintain IAT Level 2 (e.g. CompTIA Security+ CE).

Preferred Technical Skills Possess the requisite training, experience, and/or certifications necessary to perform Risk Management and Information Systems Security functions in accordance with DOD and DON requirements.

Competent in Microsoft Office, MS Project, and MS Outlook.

Familiarity with MS TEAMS.

Proven experience in Assured Compliance Assessment Solution (ACAS) scanning procedures and Security Center development

Proven experience in Host Based Security System (HBSS) to include policy development and tuning for all DOD-mandated point products

Patching experience for both Windows and Linux systems.

Familiarity with eMASS portal

Familiarity with DITPR-DON / DADMS portal

Cask is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status a qualified individual with a disability.

EEO/Employer/Vet/Disabled