I

Cybersecurity Engineer

ISYS Technologies
Full-time
On-site
Colorado Springs, Colorado, United States

Minimum Clearance Required

Top Secret

Responsibilities

I2X Technologies is a reputable technology services company to the Federal Government.  Whether the focus is on space exploration, national security, cyber security, or cutting-edge engineering applications, I2X is ready to offer you the chance to make a real-world impact in your field and for your country.  We provide long-term growth and development. Headquartered in Colorado, I2X is engaged in programs across the country and in more than 20 states.  Our programs support multiple Federal agencies, the Department of Defense and often focused on the space initiatives of our government customers.

 

  • Process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, perform annual validation of accounts, and work with system administrator on creation, modification, and removal of accounts
  • Perform assessment of systems and networks within a virtual environment and identify where those systems deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits using STIG Viewer, SCAP, etc and active evaluations such as vulnerability assessments utilizing ACAS.
  • Perform Security Technical Implementation Guide (STIG) assessments and hardening for both Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment utilizing ConfigOS
  • Develop test plans reflecting how STIG checks are implemented and be able to show expected outcomes of those checks
  • Update Risk Management Framework (RMF) artifact documentation to ensure system hardening non-compliant is tracked and remediated.
  • Establish strict program control processes to ensure mitigation of risks and supports obtaining assessment and authorization of systems. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
  • Assist in the implementation of the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, participating in and documenting process activities.
  • Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards.
  • Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization.
  • Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintaining the Plan of Actions and Milestones (POA&M).
  • Periodically conduct a complete review of each program support and operational system's audits and monitor corrective actions until all actions are closed.
  • Coordinate across the program to address identified deficiencies during RMF assessment activities.

Qualifications

Advanced degree and 7+ years experience or bachelors with 9+ years experience or equivalent; applies extensive expertise; solves complex problems that require the regular use of ingenuity and creativity.

  • Active Top Secret clearance required to start
  • IAT Level II/ IAM Level I DoD 8570 certification (Sec+ CE or similar)
  • Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.).

 

Required Qualifications:

  • Understanding and utilization of Enterprise Mission Assurance Support Service (eMASS)
  • Understanding of Risk Management Framework (RMF) Cybersecurity Lifecycle to include: identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, providing analysis of vulnerability analyses, conducting verification testing for compliance assessment.
  • Knowledge of Software Assurance (SwA) static and dynamic code analysis (e.g. Fortify)

Preferred Skills:

  • Windows and Red Hat Enterprise Linux (RHEL) system administration skills
  • Previous background working in a virtual environment.
  • Previous background working with dockers and containers
  • Administer ACAS and ESS (formally HBSS)
  • Previous experience with ConfigOS

 

Essential Requirements:

US Citizenship is required.

 

I2X Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected Veteran status, or disability status.

 

In compliance with Colorado’s Equal Pay for Equal Work Act, the annual base salary range for this position is listed . Please note that the salary information is a general guideline only. I2X Technologies considers factors such as (but not limited to) scope and responsibilities of the position, candidate’s work experience, education/training, key skills, internal peer equity, as well as, market and business considerations when extending an offer.

 

Physical Demands:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job with or without reasonable accommodation.

 

While performing the duties of this job, the employee will regularly sit, walk, stand and climb stairs and steps. May require walking long distance from parking to work station. Occasionally, movement that requires twisting at the neck and/or trunk more than the average person, squatting/ stooping/kneeling, reaching above the head, and forward motion will be required. The employee will continuously be required to repeat the same hand, arm, or finger motion many times. Manual and finger dexterity are essential to this position. Specific vision abilities required by this job include close, distance, depth perception and telling differences among colors. The employee must be able to communicate through speech with clients and public. Hearing requirements include conversation in both quiet and noisy environments. Lifting may require floor to waist, waist to shoulder, or shoulder to overhead movement of up to 20 pounds. This position demands tolerance for various levels of mental stress.

 

I2X Technologies is an Engineering and Information Technology Company focused on providing Services to the Federal and State Government. I2X offers a competitive compensation program and comprehensive benefits package to our employees.