Cyber Security Engineer / Analyst (Baltimore, MD)

| Baltimore, MD
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Position Description

If you love high profile and challenging cyber security projects supporting the US Navy- Serco has a great opportunity for you! This Senior Information Assurance Analyst will liaison with the various Program Executive Office cyber staff, related to training system acquisition and Information Assurance (IA) accreditation. This position will assist with all actions required to ensure systems achieve and maintain Authority to Operate (ATO). Bring your expertise and collaborative skills to make an impact towards our military cyber security and safety of our sailors.

Serve in the capacity as a Cyber Security Subject Matter Expert (SME) for NAVSEA client PMS 339 Cyber APM. Liaison with the various Program Executive Office cyber staff, related to training system acquisition and Information Assurance (IA) accreditation. This position will assist PMS 339 with all actions required to ensure systems achieve and maintain Authority to Operate (ATO). Involved in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments

The Cyber Security Engineer / Analyst will:
  • Conduct A&A and C&A activities through RMF for Defense Business Systems, Research, Development, Test and Evaluation (RDT&E), and Platform Information Technology (PIT) ISs and networks and system registered within Navy Enterprise Mission Assurance Support Services (eMASS) or its successor, in accordance with current DoD, DON, and NAVSEA policies.
  • Conduct in-depth technical reviews of A&A and C&A documentation from NAVSEA Program Executive Offices (PEOs) and field activities seeking authorization and/or accreditation from the Navy Authorizing Official (NAO) or the Functional Authorizing Official (FAO) in accordance with appropriate policies and procedures. Based on the technical reviews conducted, the contractor shall develop recommendations for correctives actions and/or courses of action. This includes, but is not limited to, recommendations on the following: validation test procedures, validation artifacts, validation plans and procedures, compliance status, validation tests, and validation results/repots and supporting documentation.
  • Assist Surface Warfare Training Systems (PMS 339), and liaison with SEA 21 and NAVSEA field activities in preparing their A&A and/or C&A documentation for submission to the NAO/FAO.
  • Performing all required and approved SCA Liaison RMF process steps, as outlined in the Navy Risk Management Framework (RMF) Process Guide v1.0
  • Assessing approved technical and non-technical security features of a system or network to address known threats and vulnerabilities. The evaluation must consider and identify impacts as well as consideration of existing risk mitigation strategies
  • Acting as an independent and impartial assessor to determine and certify aggregate cybersecurity risk for recommendation to the SCA
  • Participating in RMF Checkpoints and providing initial concurrence on behalf of the SCA for the Security Assessment Plan (SAP), ensuring all appropriate security controls will be assessed for compliance
  • Approving the Security Assessment Report with SCA concurrence
  • Auditing RMF authorization packages
  • Ensuring RMF packages are correctly entered in eMASS by the ISSM and ISSE in accordance with the eMASS User Guide
  • Schedule and facilitate collaboration meetings between the Security Controls Assessor (SCA), NAVSEA Echelon II representatives, and appropriate program offices, Warfare Centers and Engineering Agents
  • Assist in executing Cyber Security Assistance Visits at various NAVSEA activities with focus on the A&A and C&A efforts of the activity being assisted. Trips are usually 3 to 5 days in duration and estimated to occur 6 to 8 times per year
  • Maintain the Department of Defense Information Technology Portfolio Repository - Department of the Navy (DITPR-DON) database, used to record the present status of all NAVY IT systems.
  • Assist the Cyber PM, Warfare centers and engineering agents in the implementation and execution of DOD and DON cyber directives and policy and directives and policies.
  • Provide reports as required such as, but not limited to, weekly metrics regarding A&A packages, risk metrics and data calls.


Qualifications

The Cyber Security Engineer / Analyst will have:
  • An Active DoD Issued Security Clearance at time of application.
    • Sponsorship is not available.
  • A Bachelor's degree in Information Assurance, Computer Science or a related field plus 8 to 10 years of directly related experience.
    • Educational requirements may be adjusted or waived for applicable work experience and / or CISSP certification.
  • Fully Qualified Navy Validator (FQNV) certification with transition to Navy Qualified Validator (NQV) appointment under RMF
  • IAT Level II certification or higher is required (i.e. Security +, GSEC, CySA+, CCNA Security, SSCP, GISCP, CISSP, CISM, CAP, CISA, CCNP Security, or GSLC.)
  • Proficiency with Navy Certification and Accreditation (C&A) processes is required.
  • Experience with Navy systems and organizations is a plus.

Required Knowledge, Skills and Abilities:
  • Expert level knowledge of Enterprise Mission Assurance Support Service (eMASS) and Risk Management Framework (RMF) and ability to assess security controls is required.
  • Understanding of the RMF risk assessment process, and Navy Testing Guidance to include proper mitigation strategies.
  • Ability to communicate effectively and clearly present technical approaches and findings.
  • Ability to apply technical expertise and may have knowledge of other related disciplines.
  • Ability to work effectively in a diverse work group.
  • Excellent written and verbal communication skills.


Company Overview

Serco Inc. (Serco) is the Americas division of Serco Group, plc. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state and local governments, and commercial clients. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Headquartered in Herndon, Virginia, Serco Americas has over 9,000 employees and is part of a $4 billion global business that helps transform government and public services around the world. At Serco, our employees are our most valuable asset - we listen, respect and support them throughout their career at Serco. We invite you to become part of our dynamic team. Serco is an equal opportunity employer committed to diversifying our workforce (Race/ Color/ Sex/ Sexual Orientation/ Gender Identity/ Religion/ National Origin/ Disability/ Vets).

To review Serco benefits please visit: https://www.serco.com/na/careers/benefits-of-choosing-serco.

If you require an accommodation with the application process please email: [email protected] or call the HR Service Desk at 800-628-6458, option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email.

Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco and will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email [email protected]

COVID-19 Regulations: Serco complies with all applicable COVID-19 requirements. This may require employees to be vaccinated against COVID-19, provide attestations regarding vaccination status and/or COVID-19 testing, or satisfy other conditions of employment that Serco deems appropriate, and employees may be required to show proof of vaccination and/or negative COVID-19 test results as a condition of employment (except in limited circumstances where an employee is legally entitled to an accommodation).
More Information on Serco
Serco operates in the Healthtech industry. The company is located in Reston, VA. Serco was founded in 1988. It has 28774 total employees. It offers perks and benefits such as Dental Benefits, Health Insurance Benefits, Paid Holidays, Paid Sick Days, Job Training & Conferences. To see all 117 open jobs at Serco, click here.
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Similar Jobs

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Serco's full profileFind similar jobs