Position Description
Are you an ISSE looking for a place where you can make a difference every day? Serco is the place for you! We have an exciting opportunity supporting the United States Navy and our CNIC N6 program at the Navy Yard in Washington, DC.
CNIC Regional Offices enable improving operational performance and cost reductions through business process definition, analysis, and development of technical capabilities which automate process or improve transparency for analytics and decision making.
This CNIC N6 Lead Information System Security Engineer (ISSE) for the Risk Management Framework (RMF) Assessment and Authorization (A&A) process, is tasked with developing RMF security authorization packages to obtain Authorizations to Operate (ATOs) for various isolated enclaves that support the NDW Region. These enclaves support many different missions, including, but not limited to, Anti-Terrorism/Force-Protection (AT/FP), access control, video monitoring, and mobile radio systems.
In this role, you will:
Support CNRNDW ISSM / CIO with RMF package development as the lead ISSE
Assemble and review all required documentation as outlined by the ISSM and CNIC for the RMF packages
Tailor security controls out of National Institute of Standards and Technology (NIST) SP 800-53 rev 4 for the systems
Assist with updating policy and documentation along with maintaining compliance with NIST SP 800-53 rev 4 throughout the RMF lifecycle
Develop a Security Assessment Plan (SAP) in accordance with the Navy RMF Process Guide ver. 3.1 and using the templates provided in the RMF Knowledge Service (KS)
Assess and implement security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in accordance with the SAP
Gather ACAS, STIG, Security Content Automation Protocol (SCAP) files, and other related package artifacts and report any discrepancies to the program
Build risk assessment report (RAR) incorporating all findings discovered in testing and documenting an analysis of each finding
Verify traceability between system authorization data flow, boundary diagrams, Hardware, Firmware, Software, Ports, Protocols and Services (PPS) lists, and ACAS scan
Update and help implement the status of all security controls, enhancements, and control correlation identifiers (CCIs) in eMASS
Make data entries into eMASS record for assigned systems and track RMF process timelines
Prepare for and conduct RMF-related briefings at meetings with internal and external representatives
Interact frequently with internal personnel and outside representatives at various levels
Assist in developing schedules and plans of actions and milestones (POA&M) for producing deliverable products and reports within customer-directed timelines
Coordinate with field activities, obtaining statuses and providing RMF guidance for all CNIC CNRNDW packages
Qualifications
To be successful in this role, you will have:
An active DoD Secret security clearance
Current DoD 8570 IAT level II compliant certification is preferred, but with additional experience and customer approval; a waiver may be granted to allow you to obtain your certifications within 90 days of employment
A bachelor's degree in Information Technology, Cybersecurity, Computer Science or related discipline
8 or more years of experience in an Information Technology or Cybersecurity environment supporting the Department of Defense
5 or more years of experience with EMASS, RMF, ACAS, STIG's, & VRAM
Recent experience with the RMF and NIST SP 800-53 rev 4 as an ISSE
Recent experience with developing A&A documentation & obtaining ATO's
Knowledge of US naval communication suites in areas such as LAN, WAN, and RF paths
Familiarity with the DoD Information Technology Portfolio Repository-Navy (DITPR-DON)/DON Application and Database Management System (DADMS) and the requirements for their use
Proficiency in at least 2-3 of the following disciplines
Microsoft operating systems
Microsoft SQL
Red Hat Linux
Cisco
Aruba Wireless
Lenel (preferred)
Additional desired experience and skills:
Apply today to discover your place in our world!
In compliance with state and local laws regarding pay transparency, the salary range for this role is $112,133.01
to $186,888.35; however, Serco considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, and key skills.
Company Overview
Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Serco's 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters.
To review Serco benefits please visit: https://www.serco.com/na/careers/benefits-of-choosing-serco . If you require an accommodation with the application process please email: careers@serco-na.com or call the HR Service Desk at 800-628-6458, option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email.
Candidates may be asked to present proof of identify during the selection process. If requested, this will require presentation of a government-issued I.D. (with photo) with name and address that match the information entered on the application. Serco will not take possession of or retain/store the information provided as proof of identity. For more information on how Serco uses your information, please see ourApplicant Privacy Policy and Notice (https://www.serco.com/na/privacy-policy) .
Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco and will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email Agencies@serco-na.com .
Serco is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.
Click here to apply now (https://careers-sercous.icims.com/jobs/65802/lead-information-systems-security-engineer-%28isse%29---navy-yard---washington%2c-dc/job?mode=apply&apply=yes&in_iframe=1&hashed=-1834477830)
New to Serco?
Join our Talent Community! (https://talent.serco-na.com/talentcommunity/signup)
ID 65802
Recruiting Location : Location US-DC-Washington Navy Yard
Category Information Security/Cyber
Position Type Full-Time
Security Clearance Secret
Telework No - Teleworking not available for this position
Campaign LPNavy
