Security Control Assessor (SCA) / Cybersecurity Engineer
Modern Technology Solutions, Inc. (MTSI) is seeking a Security Control Assessor (SCA) / Cybersecurity Engineer to join our team in the Washington, DC area. You will perform security control assessments meeting all FISMA requirements related to cybersecurity technical assessments and design tasks on aeronautical and aerospace related systems in accordance with RMF guidance publications, to include NIST SP 800-53 Rev. 4, NIST SP 800-53A, NIST 800-37 Rev.1, and CNSSI 1253/1254, as outlined in DCSA Assessment and Authorization Process Manual (DAAPM) and the Joint SAP Implementation Guide (JSIG). You must possess an active TS/SCI clearance.
At MTSI, our more than 1,200 co-owners recognize the high demand for specialized professionals within our industry and that you have many options to choose. As an employee owned company where culture matters, we believe that by investing in our people we are investing in our company's future!
MTSI's core capabilities are Systems Engineering and Integration, Modeling and Simulation, Test and Evaluation, Acquisition and Program Support, and Mission Assurance services. Our expertise includes ballistic missile defense, air defense, air vehicle survivability, unmanned aircraft, flight test operations, intelligence support, and cyber/space/homeland defense.
Recognized as an 'employee comes first' company with over 27 years of consecutive growth we challenge our co-owners to provide the highest level of support and service, and reward them with some of the best benefits in the industry. Day one all new co-workers start with 20 days PTO, 6% 401k match with immediate vesting, semi-annual bonuses, and eligibility to participate in our Employee Stock Ownership Plan (ESOP). We offer other employee focused benefits, including up to $10k in tuition reimbursement and an optional zero dollar deductible BCBS health insurance plan.
For additional company information, please visit:
As a Security Control Assessor (SCA) / Cybersecurity Engineer with MTSI, you will perform security control assessments meeting all FISMA requirements related to cybersecurity technical assessments and design tasks on aeronautical and aerospace related systems in accordance with RMF guidance publications, to include NIST SP 800-53 Rev. 4, NIST SP 800-53A, NIST 800-37 Rev.1, and CNSSI 1253/1254, as outlined in DCSA Assessment and Authorization Process Manual (DAAPM) and the Joint SAP Implementation Guide (JSIG). You will interact daily with Air Force program managers and industry subject matter experts across multiple domains (air, space, cyber) to assist the government with technical assessments, strategic planning, and engineering evaluations. This position will be located in the Washington, DC area.
As the Information Systems Security Engineer (ISSE) some of your duties are as follows:
Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established information assurance (IA) standards and regulations, and recommend mitigation strategies.
Validate and verify system security requirements definitions and analyze and establish system security designs.
- Conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by a system to determine the overall effectiveness of the security controls.
- Reviewing Risk Assessment Reports (RARs) and provide feedback to ISSMs regarding the completeness of the risk assessment and appropriateness of planned safeguards.
- Assessing the severity of any weakness or deficiencies discovered in the system and its environment of operation, and recommending corrective actions to address identified vulnerabilities.
- Evaluating threats and vulnerabilities to systems to ascertain the need for additional safeguards.
- Reviewing Plans of Actions and Milestones (POA & Ms) to ensure weaknesses are identified, effective / acceptable mitigation strategies are planned, and timelines are acceptable an on track.
- Preparing and submitting the final Security Assessment Report (SAR) containing the results and findings from an assessment and a recommended risk-based authorization decision to the Authorizing Official (AO).
- Assessing proposed changes to systems, their environment of operation, and mission needs that could affect system authorization.
- 14+ years of experience with DoD, USAF, and interagency cybersecurity and/or information assurance within the following areas:
- testing NIST SP 800-53 security controls.
- experience with IT audits, including conducting technical security compliance tests and vulnerability assessments.
- experience with conducting security assessment and authorizations or Certification and Accreditation (C & A).
- Knowledge of reverse engineering best practices and industry standard methodologies.
- DoD, USAF, and interagency information assurance requirements.
- DoD, USAF, and interagency security accreditation procedures.
- Cyber systems development and sustainment.
- Network protection, attack, and exploitation.
- Integration and test for DoD & USAF systems.
- Current applicable SAP and SCI information assurance requirements (e.g., JSIG, RMF, JAFAN, etc.).
- DoD and/or USAF Special Access Programs.
- Able to work either independently or in a team to conduct reverse engineering.
- The ability to coordinate, brief, and work with Senior DoD officials.
- Excellent written and verbal communication skills are required.
- Bachelor's degree in an IT-related field (e.g., cybersecurity, computer science, computer engineering).
- Master's degree in an IT-related field (e.g., cybersecurity, computer science, computer engineering) (DESIRED)
(DoD8570 compliant) - One or more of the following required:
- Certified Information Systems Security Professional (CISSP).
- Certified Network Engineer (CCNE).
- Certified Information Security Manager (CISM).
- Microsoft Certified Systems Engineer (MCSE).
- Certified Ethical hacker (CEH)(DESIRED).
- TS, SCI/SAP eligible
- U.S. Citizenship is required for this position.
FindTheBestJob is a free service and does not charge a fee at any stage of application or recruitment process. Don’t provide your bank account or credit card details to anyone during job application. FindTheBestJob does not guarantee the availability of a job since organizations may end applications earlier than due date.