Cybersecurity Engineer II
Job Description
Our team, supporting Overmatch Engineering Support Services contract has an opening for a Cybersecurity Engineer II position in San Diego, CA. You will be responsible for performing Cybersecurity risk assessments on deployed Navy systems, system functions and interconnection, to the degree sufficient to provide relevant Cybersecurity input. As well as, providing input in the review and analysis of Acquisition Engineering documentation for programs in the RDT&E lifecycle Symantec Endpoint Protections (SEPs), Cybersecurity Strategy, System-Level Continuous Monitoring (SLCM) strategy, System Security Accreditation Plans, and System Design Specification (SDS). Primary responsibilities include:
* Provide recommended changes to the DoD and DON cybersecurity initiatives after evaluating the evolving changes and provide recommendations concerning priorities and identify policies affecting requirements criteria to support Navy cybersecurity goals and initiatives to develop and defend existing and future budgets, program plans, and policies
* Track operational changes to the DoD and DON cybersecurity initiatives and provide implementation guidance and identify policies affecting cost, schedule, and performance criteria to support Navy cybersecurity goals and initiatives in order to develop and defend existing and future budgets, program plans and policies
* Enhance the Cybersecurity strategy and governance to ensure that it is consistent with DoD and DON policies, standards, and architectures
* Provide recommendations and assistance to the Government during engineering events and with certification related functions required by NAVWAR's Information Assurance Technical Authority (IATA) mission. Related functions include: systems engineering technical reviews in which the Contractor will ensure cybersecurity posture is successfully met at each key program/project milestone and Program Protection Plan (PPP) (includes but is not limited to: cybersecurity strategy, security classification guide, critical program information (CPI), critical technologies (CT), anti-tamper plan, software assurance, and supply chain assessment)
* Evaluate cybersecurity requirements implementation across the acquisition lifecycle to make recommendations on cybersecurity risks and mitigations in support of IPTs, both internal and external to NAVWAR
* Evaluate cybersecurity technical approaches to support design and development efforts. When approaches are determined to be ineffective, inconsistent, or incompatible, the Contractor shall provide recommendations concerning technical and programmatic changes through point papers, reports, and or briefings
* Develop cybersecurity metrics to include data collection, monitoring, analysis, and reporting
* Evaluate independent cybersecurity technical assessments for cyber risk, software assurance, penetration testing, and other related cybersecurity testing
* Observe and document cybersecurity evaluations throughout the requirements, engineering, testing, and development phases of acquisition (e.g., RMF, Systems Engineering Technical Review (SETR), cyber risk to mission, and cybersecurity readiness)
* Develop deliverables as they relate to tools, standards, and processes for Cybersecurity for efforts in the RDT&E phase of the acquisition life cycle
* Identify risks associated with the development of enterprise architectures to address system of system cybersecurity designs, maximizing common and inheritable security controls in support of a defense in depth strategy through the utilization of digital engineering methods (e.g. model based systems engineering) for efforts in the RDT&E phase of the acquisition life cycle
* Track cybersecurity implementation across the acquisition lifecycle to make recommendations on cybersecurity risks and mitigations in support of IPTs, SETRs, Platform Technical Review Boards (PTRBs), Configuration Control Board (CCBs), both internal and external to NAVWAR
* Monitor cybersecurity technical approaches to ensure consistency with the IA TA objectives. When approaches are determined to be ineffective, inconsistent, or incompatible, the Contractor shall provide recommendations concerning technical and programmatic changes through point papers, reports, and or briefings
* Track and document cybersecurity evaluations throughout the engineering, procurement, certification, and sustainment phases of acquisition (e.g., RMF, SETR, cyber risk to mission, and cybersecurity readiness)
* Modify and maintain cybersecurity System and SoS engineering technical reports, analysis, briefings, and meeting minutes
* Three (3) years of professional experience in cybersecurity engineering
* Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level I (position-based) per DoD 8570.1M
*Position Contingent Upon Contract Award*
*Please mention you saw this ad on AcademicJobs.*