TestPros, Inc

bookmark

Chief Cyber Security Engineer Architect Cyberspace

Computer Science

Full Time

Hampton, US

Posted 2 weeks ago

About the Job

Salary - $250000 - $500000/Year

Company Overview

TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST SP 800-171 Assessment and Compliance, Computer Forensics, Software Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.

TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.

Job Summary

TestPros is seeking a Chief Cyber Security Engineer Architect Cyberspace for a DOD contract. 

Position: Full-time

Citizenship: U.S. Citizenship

Location: Hampton Virginia, 23665 (Joint Base Langley Eustis (JBLE), Virginia)

Clearance:  Top Secret/SCI clearance preferred (or Secret clearable to TS/SCI)

Responsibilities

  • Engineer, design, implement, and test solutions/capabilities that enable a CDCC to support MDTs defending fighters, ISR air and data-centric platforms, weather and C2 systems, regardless of the parent MAJCOM. 
  • Serve as the cyber security subject matter expert for the assessment and authorization (A&A) and Continuous Monitoring processes.
  • Work closely with architects, engineers, and developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policy and enterprise solutions.
  • Provide security requirements to architects, engineers, and developers.
  • Assess and mitigate system security threats/risks throughout the program life cycle.
  • Demonstrate applicable knowledge and experience with Information Assurance/Cyber Engineering requirements, design and implementation to include systems engineering principles, requirements analysis, system development (software and hardware), network security architecture concepts (topology, protocols, components), and/or IT security principles and methods (firewalls, demilitarized zones, encryption).
  • Demonstrate applicable knowledge and experience with developing and reviewing security concept of operations, systems security plans, security control assessments, contingency plans, security classification guidelines, configuration management plans, incident response (IR) plans, plan of actions and milestones, risk management plans, vulnerability scanning, and/or vulnerability management plans.
  • Demonstrate applicable knowledge and experience cloud security design, requirements analysis, control implementation, and mitigation.
  • Demonstrate applicable experience with ICD-503, FISMA and RMF/A&A processes, NIST SP (800-27, 30, 37, 53, 60, 137, 144,145), FIPS (199, 200), and CNNSSI 1253 technical controls and developing and maintaining associated certification and accreditation documentation.
  • Demonstrate applicable experience with cyber security toolset including anti-virus, Vulnerability Assessment, host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS).
  • Demonstrate applicable experience with performing security system scans for network, platform, database, and web services using different security tools (e.g., Nessus, WebInspect, AppDetective).
  • Contribute to aligning the CDCC as a mission-critical role that directly impacts Cyber Mission Assurance.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event/incidents details and summary information.
  • Assist with implementation of counter-measures or mitigating controls.
  • Provide recommendations to leadership/customer on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies.
  • Provide information to management regarding the negative impact on the unit caused by theft, destruction, alteration or denial of access to information.
  • Provide advanced guidance and leadership to less-experienced team members.
  • Perform in-depth systems analysis and analyze events, alerts, and logs from both network (proxies, firewalls, Intrusion Detection and Prevention System (IDPS), network forensics), DCO-Internal Defensive Measures (IDM), and endpoint computing devices (laptops, workstations, servers) for tactical Incident Reporting (IR) purposes to identify malicious and activity of interest; netflow and packet capture data; and digital media (e.g., logs, code, phones, hard drives, memory dumps) to determine attack vectors and develop mitigation techniques.
  • Perform analysis of media collected from compromised systems, cyber incident forensic analysis to include determining scope, urgency, and potential impact; identifies the specific vulnerability exploited and makes recommendations that enable expeditious remediation.
  • Develop, disseminate, or brief engagement reports, technical reports and briefs based on analytic findings.
  • Create and add custom signatures, mitigate dynamic threats to the enterprise, and develop scripts and software using languages such as Python, Perl, and C++ to aid in their forensics analysis.
  • Construct and exploit open source and classified threat intelligence to detect, respond, and defeat advanced persistent threats (APTs).
  • Coordinate, notify, and collaborate with leadership and stakeholders as required.
  • Manage/shepherd design through the CDCC change control, review boards, and other approval processes.
  • Identify mission stakeholders and receive command buy-in.
  • Understand the mission, architecture (systems, sites, circuits, data flows, etc.), and cyber-threat picture of each mission system (may include Mission Relevant Terrain – Cyber assessment).
  • Perform assessments of existing data sources (e.g. sensors and other necessary enriching data), data classification guidance, and DCO capability for each mission system.
  • Design and engineer transport method, frequency, and security; applicable DCO tools; software or other hardware; and provide any data center requirements (space, power, connectivity, cooling, classification). May include COAs for leadership/customer decision.
  • Develop supporting technical documentation – CONOPS, topology diagrams, test plans, interface control documents (ICD), etc.
  • Manage/guide the design through mission system level change control, engineering review board, and other approval processes.
  • Implement the Risk Management Framework (RMF) methodology to successfully implement an IT process which shall effectively protect the element's information assets and its ability to perform its mission.
  • Function as a principal advisor on all matters, technical and otherwise, involving the security of information systems.
  • Ensure physical and environmental protection measures are coordinated with appropriate security officials.
  • Ensure Federal Information Security Management Act (FISMA) requirements are met.
  • Work with relevant organizations on transport design/solution – intra-building and intra-installation connectivity, long haul circuits, DISA, VPN, VLAN, VRF, etc., to provide secure and reliable connectivity and access by cyber/mission defense team.


Required Qualifications and Skills

  • US citizenship is required.
  • Bachelor's degree in Computer Science, Information Systems, Engineering, Business and related technical disciplines.
  • 10 years of experience on Air Force Weapon/Mission Systems
  • CompTIA Security+ Level II Certification IAW DoD 8570.01-M.
  • Possess and maintain a minimum Top Secret/SCI clearance for access to classified processing systems. A six month waiver may be granted to allow a contractor currently possessing a Secret clearance to obtain an interim Top Secret clearance and then a final Top Secret clearance within one year.


Benefits

TestPros offers a competitive salary, medical/dental/vision insurance, life insurance, paid time off, paid holidays, 401(k) retirement plan with company match, opportunities for professional growth, cell phone discounts, and much more! All benefits are per TestPros current policies and are subject to change without notice. Benefits are available to full-time employees.​

TestPros, Inc. is an Equal Opportunity Employer.

EEO Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, marital status, age, national origin, protected veteran status, or disability. VEVRAA Federal Contractor.

Posted 2 weeks ago

See More Relevant Jobs
BOEING

Senior Software Engineer - Missile Defense National Team

Computer Science
Usaf Academy, CO, US
Posted 2 weeks ago
bookmark
BOEING

Senior Software Engineer - Missile Defense National Team

Computer Science
Palmer Lake, CO, US
Posted 2 weeks ago
bookmark
CRB Consulting Group

Software Engineer

Computer Science
Bristol, US
Posted 2 weeks ago
bookmark

Landing Jobs in the US for International Students just got super easy

Learn how to network, prepare visa interviews and sure shot strategies to kickstart your career in the USA.

Know More