Excentium, Inc. is a Service Disabled Veteran-owned small business that provides Cyber Security, Information Assurance (IA), Program Management, and other Information Technology (IT) related services to Government and commercial organizations.

We have an opportunity for a Cyber Security Engineer to support one of our Federal clients at Walter Reed National Military Medical Center, Bethesda MD.

MINIMUM CLEARANCE LEVEL: Active DOD Secret

CITIZENSHIP: US Citizenship

LOCATION: Walter Reed Nation Military Medical Center, Bethesda MD

The Cybersecurity Engineer determines enterprise information assurance and security standards. Develops and implements information assurance/security standards and procedures. Coordinates, develops, and evaluates security programs for an organization. They will provide recommendations for information assurance/security solutions to support the customers’ requirements. Identifies, reports, and resolves security violations. Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. The position will be supporting the customers at the highest levels in the development and implementation of doctrine and policies. Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems, requiring specialized security features and procedures. May direct or perform analysis, design, and development of security features for DHA system architectures. Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers. Designs, develops, engineers, and implements solutions that meet security requirements Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems. May direct or Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Review and ensure compliance with Department of Defense (DoD) policy and requirements

Designs, develops, and implements solutions to meet security requirements. Gathers and organizes technical information about an organization's mission goals and needs, existing security products, and ongoing programs in computer security. Participates in all phases of the systems lifecycle including preliminary and final design, systems development, integration, and testing.

Responsibilities:

• Develop/maintain processes that implement the DoD Security program.
• Regularly Audit network/IT environment for compliance to Policy and associated SOP - Weekly/Daily reporting of internal high risk systems, outstanding remediation and mitigation activities,
• Assist in development of Plan of Action and Milestones (POA&M) and compliance.
• Assist with POA&M management, mitigation statement formulation, interfacing with system administrators to resolve open findings of high and at risk systems.
• Coordinate with the Computer Network Defense Service Provider (CNDSP) to provide incident support for DHA/WRNMMC cyber security incidents.
• Support Validation of IT security architecture for compliance.
• Assist in compliance reporting for the Information Assurance Vulnerability Management (IAVM) program.
• Conduct Incident Response and forensic analysis when necessary
• Assist in management of the assessment/authorization program for HIT information systems.
• Ensure compliance with DHA RMF policies and procedures.
• Maintains the electronic registration of systems in eMASS, DITPR, or other Portfolio as directed.
• Coordinates with stakeholders to communicate status and action items for systems in process
• Updates documentation as system information changes
• Coordinates Annual Reviews
• Supports/Performs assessment of NIST 800-53 controls
• Coordinate with Threat Management Branch for Technical Assessment
• Perform Vulnerability scanning and remediation of findings as required by CISM

Required Education:

BS/BA preferred in Computer Science- can be substituted for 4 years professional experience

Minimum of DoD 8570.01-M IAT Level III CISSP or Associate

Required Skills:

• Minimum 5 years’ experience with systems engineering
• Understanding DOD STIGs and ability to provide direction based on STIGs
• Familiarity Risk Management Framework (RMF)
• SCAP, LINUX/UNIX Security Audit
• Must be Capable of independent management of projects.
• High level understanding of operating system security settings, configuration, and policies (Windows, Red Hat and/or other Linux) virtual environments, and/or scripting languages (Python, PowerShell, Bash, etc.)
• Able to work in team environments and independently
• Ability to write procedures and other informative correspondence
• Ability to read, analyze and interpret security regulations
• Good analytical and problem solving skills to troubleshoot and resolve network/operating system security issues

We take pride in building a workforce with a strong Veterans focus

Excentium, Inc. is an equal opportunity employer.