KDA Consulting is a Disabled Veteran, Woman-Owned, Certified Disadvantaged Small Business, comprised of a diverse team of professionals driven to tackle the demanding National Defense and Intelligence challenges through IT solutions. We emphasize teamwork and focus on achieving goals to complete deliverables efficiently, on-time, and under budget.
We are currently seeking a Cyber Security Systems Engineer - Expert to join our team. This opportunity is supporting the customer's A&A projects, which have several Branches within them. The A&A projects are therefore at various levels within the customer organization depending upon which team is responsible for initial development and accreditation vs. long term Operations and Maintenance support.
Required Experience and Primary Job Duties:
- Possess the ability to translate the technical implementation (i.e. developer talk) into commonly understood security words. Often this is a skillset and is not an actual language, but frequently translation or a basic understanding needs to be conveyed by the ISSE when speaking with others or in writing the documentation in order to ensure it's easy to understand
- Document the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for various Assessment and Authorization (A&A) efforts
- Document and obtain a general understanding of the architecture being developed or that was developed for each project in order to write the Systems Security Plans (SSP)/CONOPS in the Xacta application
- Gather the information by working with various team members in order to write various additional A&A related documents such as Contingency Plan (CP), General User Guide (GUG), Privileged User Guide (PUG), Standard Operating Procedures (SOPs), etc.
- Support Accreditation and Authorization (A&A) reviews by ISSO/M, as well as the Security Controls Assessor (SCA)
- Document the Plans of Actions and Milestones (POA&Ms) implementation responses or mitigations, as well as provide all required artifacts (i.e. evidence gathering from the teams)
- Coordinate with various contractor and staff personnel to obtain the A&A content, as well as work with various customer security organizations to navigate the customer's A&A process in order to achieve Authority to Develop (ATD), Interim Authority to Operation (IATT), as well as Authority to Operate (ATO)
- Keep track of where each of the various A&A projects is within the customer's A&A process in order to know when it's time to re-submit for accreditation or an accreditation extension
- Possess multi-tasking skills, as well as be a good communicator/facilitator. Comfortable at all levels from developer to senior staff
- Knowledge of the complex network environments involving shared networks and multiple security enclaves
Preferred Education, Experience, & Skills:
- Previous ISSE experience directly supporting the customer
- Previous ISSO experience directly supporting the customer is also helpful
- Various security tools and reports such as Xacta, RoadRunner, Rapid 7, WebInspect, App Detective, and Splunk
- Public, private and hybrid Cloud experience (AWS, Microsoft Azure, etc.)
- Virtualization experience (VDI & VMWare)
- Basic knowledge is helpful, but not required for the following general topics: Cloud security control implementation, PKI implementation, STIG compliance and vulnerability management, and Security Development and Operations (SecDevOps)
- CISSP, or GSLC
- AWS Certified Security Specialty
- Basic Excel and Microsoft Office365
Job Requirements
- Active TS/SCI + Full Scope Poly U.S. Government Security is required
- Bachelor's degree in Computer Science, Engineering, or a related technical discipline
- 11-15 years of relevant professional work experience
- Ability to maintain discretion and confidentiality
- Strong interpersonal skills, especially the ability to network and establish professional relationships
- Ability to prioritize, demonstrated strong organizational skills, and ability to meet or exceed deadlines
Physical Demands: Position will require frequent sitting, standing, and/or mobility within an office setting. Employee must be able to use hands to complete work at a workstation/computer, be able to reach, type and manipulate with hands, fingers, and arms; lift and/or move up to 20 pounds; talk, see and hear.
Work Environment: Work is performed on client site in a professional office environment with moderate stress and noise levels. Position requires employee to effectively use a computer, potentially for long periods of time, and to accommodate potentially frequent interruptions. Candidate should be both customer-focused and present a team approach to overall work.
Schedule: Business core hours are Monday through Friday, from 09:30 to 14:30 ET. Standard work hours may vary for this position based upon contract requirements. Position will be located onsite primarily at a customer facility in Herndon, VA.
Americans with Disabilities Act (ADA): KDA is committed to the full inclusion of all qualified individuals. As part of this commitment, KDA will ensure that persons with disabilities are provided reasonable accommodations in the hiring process. We encourage qualified individuals with disabilities to apply. If a reasonable accommodation is needed to participate in the job application or interview process or to perform essential job functions, please contact our HR team at hr@kda-consulting.com. For persons who are deaf, hard of hearing, deafblind, or deaf-disabled, KDA will provide an American Sign Language (ASL) interpreter where needed as a reasonable accommodation for the hiring processes.
EEOC: KDA is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.