Job Title ConMon Cyber Systems Engineer (Continuous Monitoring) Location Chantilly, VA US (Primary) Job Type Full-time Category IT Security Job Description Program Description: The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support Position Description: The ConMon Cyber Engineer provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:
- Support the Information Security Continuous Monitoring (ISCM) Program Lead in maturing the customer's Continuous Monitoring (ConMon) program.
- Generate and lead ConMon process improvement activities
- Coordinate with the Cyber Data Science team to identify sources of information to better evaluate customers ConMon activities.
- Coordinate with Cyber Data Science team to create new views of customer's ConMon posture
- Collect the necessary data, develop, and deliver reports to show customer's progress of the enterprise wide ConMon program.
- Develop and deliver asset ConMon compliance views for categories such as mission, cross domain, and location, as required by the customer.
- Proactively identify and provide metrics and reporting data appropriate for stakeholders in each of the Tiers identified in the NIST SP 800-137
- Validates, for efficacy, ConMon control Bodies-of-Evidence (BOEs) entered in the ConMon tool
- Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve ConMon BOE entry language
- Assist Security Control Accessors (SCAs), FISMA and Inspector General (IG) Teams on examining ConMon BOEs for official reporting
- Proactively identify and provide metrics and reporting data appropriate for AO/DAOs to make sound risk decisions for continued authorization of systems
- Initiate and participate in studies to improve ConMon reporting metrics
- Recommend improvements on Enterprise Security Services (ESS) tool implementations
Job Requirements
Qualifications: Required: - Current U.S. Government Top Secret clearance with SCI eligibility
- Favorably adjudicated Polygraph
- Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification
- DoD 8570 certification in IAT or IAM
- Knowledge of and experience with RMF, particularly step 6 (Continuous Monitoring) policies
- Experience implementing ICD 503 RMF Process and NIST 800-53, 800-137, 800-37 and 800-53a technical controls, as well as developing and maintaining associated certification and accreditation documentation
- Excellent communications skills - both verbal and non-verbal
- Experience in one or more roles as SysAdmin, ISSM, ISSO, ISSE, DAO-R, SCA or ISO
- Office Automation Skills - MS Office, MS Project, Visio
- Self-starter requiring limited direction and supervision
Desired: - Experience briefing senior customer personnel
- Ability to organize and prioritize numerous customer requests in a fast-paced deadline driven environment
- Familiarity with Amazon Web Services (AWS)
- Familiarity with customer's IA processes
- Experience with ServiceNow and Splunk
- Experience supporting IC or DoD in the Cyber Security Domain
Travel Security Clearance Top Secret/SCI/CI Poly