Cyber Systems Engineer IV – Vulnerability Management

Overview

Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.

Responsibilities

Program Description:

The program provides Systems Engineering and Technical Assistance (SETA) support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.

Position Description

The Vulnerability Management Branch (VMB) Cyber SE provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:

• Support the IT vulnerability management lifecycle.
• Support government activities and reporting to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC)
• Assess and manage the implementation of identified corrections associated with high visibility technical vulnerabilities
• Using several database sources, collect the necessary metrics to develop and deliver a periodic Cyber Vulnerabilities Metrics Report
• Develop and deliver asset vulnerability views for categories such as mission, cross domain, and location, as required by the customer
• Develop cyber vulnerability analysis for known vulnerabilities, as well as cyber-related metrics and reporting deliverables
• Document and deliver awareness notices related to cyber vulnerabilities
• Document and deliver Government activities and reporting related to tasking and directions received from external stakeholders (i.e., USCYBERCOM, IC-SCC).
• Coordinate and prepare Inspector General (IG) FISMA closure requests from field reps and program Information System Security Engineers (ISSEs)
• Coordinate with RMF stakeholders on closure Body of Evidence (BoE) for Enterprise Vulnerability and Remediation (EVAR) tracked findings
• Prepare and update slides for weekly and monthly meetings
• Draft executive-level briefings as necessary
• Support stakeholders in targeted vulnerability searches
• Research trending vulnerabilities being reported through enterprise security tools
• Support the automation of current activities with system engineers and software developers from other groups and offices
• Ensure divisional processes are accurately documented and kept up to date
• Maintain representation of divisional activities and metrics via Confluence on a weekly basis
• Assist with the development of new processes and deliverables to support enterprise vulnerability analysis designed to inform the enterprise of existing vulnerabilities
  
  

Qualifications

Required:

• BS 8-10 years, MS 6-8 years, PhD 3-5 years
• Must possess and be able to maintain a TS/SCI with Poly
• DoD 8570 certification in IAT or IAM
• Familiarity with the IT vulnerability management lifecycle.
• Ability to work customer’s core hours (0900 - 1500 Monday - Friday) in a SCIF environment
• Excellent communications skills - Verbal and Non-Verbal
• Strong analytic and risk management skills
• Strong attention to detail and organizational skills
• Self-starter requiring limited direction and supervision
• Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation
• Flexibility of schedule based on customer needs
  
  

Desired

• Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification
• Experience supporting IT domain or IC experience with acquisition and project management
• Experience briefing senior customer personnel
• Ability to organize and prioritize numerous customer requests
• Familiarity with customer's IA processes
• Experience with SNOW, Splunk and ACAS
• Familiarity with Cross Domain Systems (CDS)
• Experience supporting IC or DoD in the Cybersecurity Domain
  
  

EEO Statement

EEO

Arcfield proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.