Sotera Defense Solutions

[DAI – C&A] Senior Certification and Accreditation Engineer - Assured Compliance Assessment Solution (ACAS)(SSES NG LC ISE-SL) 1-13-17 v1

US-AZ-Sierra Vista | US-AZ
3 months ago
ID: 2017-9370
Category: Engineering
Clearance: TS/SCI

Description

 

Join our certification and accreditation engineering team. We are responsible for the implementation of the DoD RMF (Risk Management Framework) that supports development, integration, test, and cyber security of the DCGS-A family of systems and products. The certification and accreditation engineering team identifies, researches, and implements a fully documented RMF approach and performs ACAS security scanning across both physical and virtual infrastructure. Our goal is to enhance building, infrastructure, and system security without impeding the performance of the services that support our organization.

 

Responsibilities 

 

As a Certification and Accreditation Engineer, you will be part of a team that provides RMF support to the Software Engineering Center (SEC) Intelligence Support Division (ISD). This includes evaluating system security requirements to ensure all infrastructure and development systems can be accredited for processing at appropriate classification levels in compliance with applicable policies, regulations, and guidelines. Specifically, you will:

  • Plan for accreditation
    • Support and advise on Information Assurance issues/concerns  
    • Identify security risk analysis, mitigation, evaluation, and reporting in support of IA C&A processes 
    • Develop draft ACAS sustainment support documentation for updating and utilization of current and future architectures, change control, configuration management, and operations procedures 
    • Configure ACAS Security Center (e.g., build repositories, accounts, credentials, scan zones, etc.) based on DISA guidelines
  • Define system boundaries
    • Perform assessments to identify active devices on the network by OS
    • Map the network, identify assets, and determine whether there is segmentation
    • If possible, provide a graphic of the network design to the specified audience as directed (i.e., management and technicians)
  • Determine the vulnerabilities
    • Build asset lists of discovered assets and segregate by OS
    • Build custom scan policies when needed using latest DISA/Vendor Benchmarks and DISA STIGs
    • Build scans using custom and latest Army policy
    • Schedule scans
  • Report
    • Develop and prepare technical reports and related documentation for Certification and Accreditation (C&A) packages
    • Provide detailed system test and scan reports as well as the Plan of Action and Methods (POA&M) document for all tested systems/networks
    • Build custom report templates with a degree of granularity suited to the audience (Technical/Managerial)
    • Create remediation reports with a degree of granularity suited to the audience (Technical/Managerial)
  • Remediate
    • Research and analyze DoD and Department of the Army (DA) policies to mitigate implementation problems that may impact the ACAS implementation 
    • Coordinate with the IT Infrastructure to implement Security Technical Implementation Guide (STIG) changes that apply to the infrastructure baselines.

Requirements

Minimum Qualifications 

  • A bachelor's degree in Computer Science or other Engineering or Technical Discipline and ten (10) years of professional work experience (or twelve (12) years of professional experience, appropriate computing environment certification, and IA Workforce System Architecture and Engineer (IASAE) Specialty qualified experience in place of a degree) is required.
  • Must be knowledgeable about the Security Technical Implementation Guides (STIGs) and all assessment and authorization policies and directives (i.e., DoDI 8510.01) for RMF
  • Three to five years' experience installing, configuring, administering and operating Tenable Security Center and Nessus Scanner, known as Assured Compliance Assessment Solution (ACAS) in the DoD environment.  
  • Demonstrated experience with virtualization in a DoD environment 
  • Solid understanding of Microsoft, Linux/Solaris operating systems and networking 
  • Knowledge and experience in working with Firewalls  
  • Knowledge and experience in working with Intrusion Detection and Prevention Systems (IDPS) 
  • Familiarity with the DIACAP program 
  • Ability to work independently and in a mentorship position 
  • Current DoD 8570 IAT level II certification requirements (e.g., Security+ce)
  • Active TS-SCI Clearance   

Preferred Qualifications 

  • Demonstrated skills and expertise in the following technologies: SQL/XSQL Server Administrator (SA), Microsoft O/S and security, Information Assurance (IA), IP Data Networking and Vulnerability Assessment product engineering and design, IP network vulnerability scanner Tier 3 support, REM 3.X / Retina 5.X and greater, ACAS Security Center 4.X / Nessus 5.X or greater and HP Tenable Nessus products. 
  • IAT-III with CISA, GCIH, GCED, CASP or CISSP 
  • Formal eMASS training
  • FedVTE ACAS certified
  • Firsthand experience with a successful RMF program 


About The Organization

Sotera Defense Solutions, Inc. (Sotera) is an agile, mid-size national security technology company that delivers innovative systems, solutions and services in support of the critical missions of the Intelligence Community, Department of Defense, Department of Homeland Security and federal law enforcement agencies charged with ensuring the safety and security of our nation. Our 1,200 employees are focused on delivering essential counterterrorism, cyber operations, intelligence, data analytics, C4ISR and force mobility solutions to our customers throughout the national security community.

 

Sotera Defense Solutions is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

 

If you require a reasonable accommodation to apply for a position with Sotera through its online applicant system, please contact Sotera’s recruiting team at recruiting@soteradefense.com.  
