- Works within the Risk Management Framework (DoD 5200.01, NIST SP 800-37r2) to perform implementation, monitoring, and documentation of defined system security configurations.
- Performs system and security administration tasks on both Linux and Windows, server and desktop operating systems.
- Applies network and system architecture design principles and concepts.
- Use of industry standards, emerging technologies and innovative solutions.
- Use of tools including HBSS, McAfee ePO, ACAS/Nessus, and syslog.
- Implements and deploys various server applications, e.g. enterprise back-up, centralized update services, HBSS/ACAS in a multi-platform environment, security auditing tools, log aggregation.
- Collaborative involvement with project engineers to merge security baselines with their functional simulation subsystem software and mitigate any consequential operational or performance issues.
- Involves writing technical procedures, interpreting and compiling vulnerability audit results, and creating technical document packages used to obtain DoD security authorization.
- Varies between a collaborative group setting and working alone with no supervision.
- Demands strong communication and analytical problem-solving skills.
- Requires direct experience with DoD Information Assurance policies and procedures.
- Experience creating DoD Risk Management Framework (RMF) packages and associated work products.
- Experience with NIST SP 800-53 Rev4, CNSSI, or National Industrial Security Program Operating Manual (NISPOM) Assessment and Authorization (A&A) activities to include Security Technical Implementation Guides (STIG) assessment & remediation and maintaining Plan of Action and Milestone (POA&M) documentation.
- Experience planning, creating, and, tracking of ongoing authorization inputs and artifacts to support Authorization to Operate (ATO) decisions.
- Experience with MS Windows operating systems.
- Experience with Red Hat/CentOS Linux operating systems.
- Experience with TCP/IP networking.
- Experience with centralized management services (Active Directory) preferred.
- Understanding of SCAP/OVAL Benchmarks.
- Must currently hold CompTIA Security+ CE certification, or equivalent DoD 8570.01-M IAT Level II certification (or higher).
- Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
- MUST be a U.S. Citizen AND able to obtain a Department of Defense security clearance.
- ASI is Drug Free Workplace so candidate must be able to pass entry and random drug testing.
- Ability to multi-task in fast-paced dynamic environment.
- Required to communicate in English.
- Required to sit and use their hands and fingers, to handle or feel and to manipulate keys on a keyboard.
- Required to stand, walk, reach with arms and hands, climb or balance, and to stoop, kneel, crouch or crawl.
- Vision abilities required by this job include close vision.
- Available to perform travel from time to time.
- While performing the responsibilities of the Cyber Security Engineer, the work environment characteristics are representative of the office environment. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of the job.
- The noise level in the work environment is usually quiet to moderate unless in a manufacturing area.