Information Systems Security Engineer #5218

Company Overview

GovCIO is a team of transformers–people who are passionate about transforming government I.T. We believe in making a difference by developing digital strategies and delivering the technology-related innovation governmental operations that improve the citizen experience every day.

But we can’t do it alone. We welcome and nurture an inclusive and diversified work culture. Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators. We’re changing the face of I.T. – from our diverse staff to the end-products we develop. And we’re excited to expand our team. Are you ready to be a transformer?

Responsibilities

The ideal candidate primary function is:

• Support the authorization of systems through the Risk Management Framework (RMF) to get an Interim Authority to Operate (IATO) or ATO
• Support the categorization of Information System(s) (IS) to be accredited through the RMF process and support the development of the System Security Plan (SSP)
• Support the determination and selection of the required and/or applicable security controls to include the development of Memorandum of Understanding (MOU) or Memorandum of Agreement (MOA) for external systems and the development and implementation of an IS Continuous Monitoring (ISCM) plan
• Support the implementation of selected security controls specified in the SSP to the IS and its environment of operation
• Support the development, review, and approval of Security Assessment Plan (SAP) and System Assessment Report (SAR)
• Perform periodic security scans and remediating findings based on the scan results
• Support the development of the Plan of Action and Milestones (POA&M) and the development and update of the Security Authorization Package (SAP)
• Perform periodic assessment of the IS’ security controls and develop the periodic ISCM report

Qualifications

• High School with 10+ years (or commensurate experience)
• Active Top Secret/SCI eligible security clearance
• VMware Certified Professional certification
• Technical training related to Information Technology, Cyber Security, Computer Science, or related discipline
• At a minimum, an up-to-date Information Assurance Technical (IAT) Level II baseline certification
• 5 years’ knowledge and experience in installing, maintaining, and using ACAS, HBSS, SCAP and other cybersecurity related tools
• At least HBSS or ACAS certification/training certificate or both (both courses are desired)
• Cybersecurity and IT related knowledge and experience
• RMF knowledge and experience
• Proficiency in Microsoft Word, PowerPoint, Excel

Desired Qualifications

• Kibana and Logstash
• Evaluate-STIG
• Microsoft Active Directory and Group Policy Management
• VMWare vSphere, vCenter, and Horizon View
• Both HBSS & ACAS certification/training
• Familiar with the evaluation/implementation processes for DISA STIGs to include Windows Server 2016, Server 2019, Windows 10 and VMWare ESxi hosts
• 5+ years of experience with Microsoft Windows and Server configuration and administration
• 5+ years of experience with implementing VMware, Linux, and Windows STIGs

#cjpost