Description of Position:
We inspire excellence. Across air, land, sea, space and cyber domains, our customers perform on the world’s most challenging frontlines – and we are proud to employ innovators and problem solvers dedicated to delivering mission critical solutions our customers depend on. Our commitment to speed, innovation and flawless execution are matched only by our dedication to providing every employee with an inclusive environment with rewarding career opportunities.
As a global technology innovator, we employ over 50,000 employees around the world, nearly 20,000 of whom are engineers. From multi-domain communications, commercial aviation systems and intelligence, surveillance and reconnaissance systems to electronic warfare, space systems and maritime solutions – our technologies are helping change the way our customers meet their goals.
Tasks and Responsibilities:
Required Skills, Abilities, and Certifications:
- Lead NSA Type-1 Certification efforts to include leading development of NSA CDRLs, requirements development and guiding NSA requirements implementation for assigned programs.
- Expected to contribute to all Product or Network Information Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities.
- Ensure RMF Information Security requirements and Program Protection requirements are addressed in all phases of the System Development Lifecycle (SDLC).
- Perform functional analysis, timeline analysis, detailed trade studies, requirements derivation and allocation, and interface definition studies to translate customer Information Security requirements into hardware and software specifications.
- Provide Information Assurance (IA) technical leadership for development teams of new multi-discipline (mechanical, electrical, software, RF, etc.) products.
- Responsible for developing security overlays, data flow diagrams, internal requirements, CONOPs and interface control documents from customer / product requirements.
- Provide IA technical leadership to development teams at internal and external gate reviews such as technical baseline reviews and design reviews.
- Work closely with Program Managers, Systems Engineering and other engineering disciplines.
- Brief senior management on all aspects of Security Engineering.
- Identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives (hardware, software, cross-domain solutions, cryptographic devices, firewalls, intrusion detection systems, anti-virus systems and software deployment tools).
- Conduct complex security architecture analysis to evaluate and mitigate risks.
- Experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, and Security Assessment Plans and Procedures (SAPP).
- Bachelor’s Degree and minimum 6 years of prior relevant experience.
- Graduate Degree and a minimum of 4 years of prior related experience.
- DoD 8570.01-M IASAE Level 2 certification (e.g. CASP+ CE or CISSP (or Associate)).
- RMF Authorization experience.
- Active Secret security clearance required.
Preferred Additional Skills:
- Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC.
- Experience in the content development and administration of SEIM/audit reduction tools (e.g., Splunk).
- Strong understanding of engineering processes, concepts and information security systems engineering principles (NIST SP 800-160 Vol1).
- System testing and evaluation methods and RMF assessment methodology & process.
- Experience with Model Based System Engineering (UML, SysML, DoDAF).
- Experience with application of STIGs.
- Experience in securing operating systems (Windows, Linux, Cisco IOS, etc.).
- Self-motivation, able to work well independently and within inter-disciplinary engineering teams.