Cybersecurity Engineer (contingent 034)

Title: Cybersecurity Engineer (contingent 034)

Location: APG, MD

Experience with Digital Engineering practices and implementation. Provide Cybersecurity engineering subject matter expertise.  Oversee product teams to ensure cybersecurity objectives are met. TS/SCI is required.

Responsibilities:

• A subject matter expert on Cybersecurity/Information Assurance activities based upon a comprehensive knowledge of the principles, policies such as DoD Instruction 8500.01, DoD Instruction 8510.01, AR 25-1 and AR 25-2, pertinent laws, regulatory requirements and procedures applicable to each program management office, HQ staff, and other external organizations.


• Review Cybersecurity packages (RMF), using eMASS for content and presentation of evidence of proper implementation of Cybersecurity requirements for the Designated Approving Authority (DAA/AO).


• Provide feedback and consultation to Information System Security Officers (ISSO’s) to ensure that Authorization to Operate (ATO), Interim Approval to Operate (IATO), Interim Authority to Test (IATT), and Approval to Connect (ATC) packages meet the CPE standard.


• Provide technical expertise to PMs in developing Cybersecurity Strategies (CSSs) as required, coordinate these CSSs with HQDA for Army Approval in order to support major milestone decisions.


• Review and coordinate with appropriate stakeholders to respond to taskings from HQDA, Staff, other agencies, and Warfighters in the field as they relate to Cybersecurity Tactical and Developmental systems.


• Maintain the APMS (Army Portfolio Management Solution) database for tracking Information Assurance accreditation status and provide portfolio (acquisition) management oversight of all the Program Manager’s projects, for FISMA (Federal Information Security Management Act) compliance.


• Manage and maintain on-line repository of current CPE IEW&S Authorization and Accreditation (A&A) documentation within all cybersecurity repositories (eMASS, Xacta), and the Army Knowledge On-line (AKO)-SIPRNET.


• Consult with PM staff with regard to the implementation of the Risk Management Framework (RMF) and associated security controls.


• Serve as a subject-matter expert for the implementation of component-level policy, coordinate exceptions to policy at the headquarters level for tactical equipment and mission requirements.


• Identify cybersecurity requirements for systems in acquisition or development to comply with published RMF requirements, Cyber Tasking Orders (CTOs), Security Technical Implementation Guides (STIGs), policies, and analyze the requirements development and design process across the program offices.


• Provide leadership portions of vulnerability management and Assess and Authorization (A&A) processes, including analyzing, reviewing, or verifying Plans of Action and Milestones (POA&Ms), evaluating the overall risk and making recommendations to the Authorizing Official.


• Develop cybersecurity education, training, mitigation strategies, and cybersecurity awareness at the headquarters level.


• Develop processes to assist the Army in the development and lifecycle of information system packages.


• Plan, execute and provide technical expertise in obtaining ATO or appropriate interim authorities

Education/Experience:

• Bachelor degree and a minimum of five (5) years related work experience is required.