Risk Management Engineer

OBXtek Inc.

OBXtek is an award winning Service Disabled Veteran Owned Small Business providing information technology and management services to the federal government.  As the prime contractor on over 85% of its work,  OBXtek is a leader in its field and has a robust corporate infrastructure that provides support for all of its programs.  OBXtek has realized exceptional growth over the last four years and has been awarded prime contracts with 10 federal agencies. Solid Financial Resources and low Employee Turnover (5%)

• Inc. 500 – Ranked #11 Fastest Growing Company in the U.S. and #2 in Government Services for 2013
• DiversityBusiness.com - selected OBXtek as one of the Top Disabled Veteran Owned Businesses in the U.S for 2013.
• ISO 9001-2008 Registered Quality Management System
• 96% Positive Customer Performance Approval Rating – Dun and Bradstreet (D&B) Open Ratings
• DCAA Approved Accounting System
• D&B 3A1 Rating and Established Line of Credit

Due to our growth, we have an excellent opportunity for a RISK MANAGEMENT ENGINEER.

The Risk Management (RM) Engineer functions as an information system security testing subject matter expert (SME) by providing expertise in developing and implementing security testing for multiple Consular Affairs/Consular Systems and Technology (CA/CST) systems during the Annual Control Assessments (ACAs).  In addition, the RM Engineer tracks and reports status, and brings any obstacles that may impact the completion of the ACA to the attention of the PM of RM Team Lead in a timely manner.  The RM Engineer ensures that ACA packages are submitted to IA and follows up to ensure IA approval of ACAs prior to fiscal year end.  The RM Engineer has the following roles:  

Annual Control Assessment (ACA) Engineer: The ACA Engineer is responsible for conducting and completing Annual Control Assessments for all Department of State CA Automated Information Systems (AIS) as part of continuous monitoring.  This responsibility requires the engineer to complete work in a timely manner, conduct technical testing, and interview various government employees and contractors.  This position requires a working knowledge of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and previous experience with the technical security testing of various types of software (e.g., MS SQL Server, Windows, Linux, Oracle, and Internet Information Server).  The ACA Engineer should be familiar with Commercial-Off-The-Shelf (COTS) products used to facilitate the Assessment and Authorization (A&A) of systems.  The ACA Engineer is responsible for entering all ACA results into the Consular Affairs Certification and Accreditation (CACAMS) COTS application and creating Plan of Action and Milestones (POA&M) that result from the ACA so that are actionable with realistic dates.

If interested and qualified kindly send your resume in confidence to  Stanley Joe at  AND provide your salary requirements.

REQUIRED: CISSP OR CAP, Secret Clearance, ORACLE CERTIFICATION, IA experience

RECOMENDED: CAP Masters degree in a related field, other IT/Security Certifications

All your information will be kept confidential according to EEO guidelines.