Cybersecurity Engineer (RMF/ATO)

About Schubring Global Solutions

SGS was founded in 2013 to provide elite security consulting to forward thinking organizations. Our customers recognize that security is not a commodity and requires the best advice possible for the best value.

Our approach is straightforward. Our team has been on both sides of the table, and we firmly believe in treating our customers the way we would expect to be treated. Every member of our team embraces our core values. We will not compromise our integrity and we will only act in our customers' best interests.

As security practitioners, we embrace the impact of our actions and recommendations on our customers and their people. We operate as trusted partners…because that is what we are.

We are seeking a Cybersecurity Engineer to become a valued member of our team supporting a government client. The work entails conducting assessments related to RMF and other standards to ensure the client maintains an ATO.

Key Responsibilities

• Working as a member of the design team to ensure cybersecurity is built into the system.
• Perform the technical hardening and documentation of the system.
• Conduct cybersecurity hardening activities (system patching, updating (applications, OSs, firmware, antivirus, etc.), applying Secure Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs), and any other secure configuration requirements.
• Apply all applicable Defense Information System Agency (DISA) STIGs and SRGs to all system components. This includes all OS, Firmware, Group Policy, Domain, Network, and Application-Specific STIGs/SRGs.
• Use the automated Security Content Automation Protocol (SCAP) tool to evaluate STIG/SRG compliance.
• Complete STIG/SRG checklists for system components.
• Conduct vulnerability scans using Nessus (ensuring ACAS compatibility).
• Develop documentation to support the project (e.g. Implementation Plan, Security Controls, diagrams, and anything related to the RMF/RMF AO package).
  
  

Required Degree/Certifications

• 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD
• Possess one of the following certifications: CCNA-Security, CySA , GICSP, GSEC, Security CE, CND, SSCP, CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP
  
  

Required Experience

• Five years of cybersecurity experience in performing system hardening.
• Demonstrated experience with performing STIG implementation.
• Demonstrated experience performing vulnerability assessments with the Nessus and Assured Compliance Assessment Solution (ACAS) compliant scans.
• Demonstrated experience remediating vulnerability findings to include implementing vendor patches on both Linux and Windows Operating
  
  

Other Requirements

• Travel up to 50%
• Be willing to submit to a government suitability investigation.
• Familiarity with the following:
• UFC 4-010-06 Cybersecurity of Facility-Related Control Systems
• AR 25-2 Army Cybersecurity
• AR 190-51 Security of Unclassified Army Resources
• DoD Directive 8140.01 Cyberspace Workforce Management
• DoD Instruction 8500.01, Cybersecurity
• DoD Instruction 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT)
• Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIGs)
• Have completed, or willing to complete Antiterrorism/Operations Security (AT/OPSEC)
  

Other

Travel: 50%

Location: Sterling, Virginia (On-Site)

Job Type: Full time

Career Level: Mid-career

Category: Engineering

Exemption Type: Exempt

United States Citizenship is Required

Security Clearance: Must successfully pass a company background check.

SGS is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, national origin, age, protected veteran status, or disability status.

The Pay Range For This Role Is

95,000 - 100,000USD per year (Sterling, VA)

PI260635457