Obxtek Scott Air Force Base , IL 62225
Posted 1 week ago
Responsibilities
OBXtek is recruiting for a Security Engineer III to work on the PEO-T contract for USTRANSCOM.
The tasks for this person will be, but not limited to, the following:
Reviews evolving NIST requirements to support risk assessment activities associated with the affiliated system requirements and specifications.
Prepares detailed specifications from which cybersecurity deficiencies identified during risk assessment will be mitigated/remediated and conducts follow-up risk assessment to ensure proper secure coding practices are being built-in/enforced to the greatest extent possible. Collaborates closely with government customers to develop appropriate POA&Ms and support risk acceptance activities as needed to support risk management processes.
Mentors and Monitors Junior ISSEs.
Peer Reviews Fellow Team Member's Deliverables
Responsible for Quality Assurance (QA) review.
Responsible for project completion and user satisfaction.
On-site 2-3 days and as needed for SIPR/ATO Functions/Packages*
Qualifications
Active Secret Clearance
4+ years' relevant experience in the following:
Experience developing and/or reviewing system authorization documentation in accordance with DoD implementation of the Risk Management Framework (RMF)
Experience participating in Technical Interchange Meetings on a wide range of PMO security engineering topics
Experience participating in Acquisition program Engineering Milestone Reviews
Experience coordinating with Development Contractor Security/System Engineers and USTRANSCOM/DISA Security Office to resolve program security issues
Possess skills to conduct Technical Reviews of Development Contractor produced security deliverables
Experience performing security activities to maintain authorization of the PMO programs
Experience using DOD Enterprise Mission Assurance Support Service (eMASS) system
Experience providing support to ensure PMO systems are designed, developed, and deployed in accordance with applicable Executive Orders, Federal Policy, DOD regulations, USTRANSCOM requirements, and commercial best practice
Experience reviewing vulnerability scans using ACAS, Nessus, and Fortify SCA, analyze outputs to identify vulnerabilities, and recommend mitigation and remediation actions
Experience supporting the Customer through critical review of documented DISA STIG/SRGs and ingesting them in the government-supplied tools to support risk assessment of the NIST controls.
Experience writing and tracking POA&Ms
Experience conducting and evaluating security testing activities including security assessments, audits, and penetration testing
Experience supporting operational security activities (e.g., firewall implementation, risk mitigation, host security, encryption, intrusion detection, Virtual Private Network (VPN) implementations, and viral detections)
Experience with security lockdown and/or hardening of servers and network devices
Ability to coordinate overall security strategy with multiple agencies, Authorizing Official (AO) representatives
Ability to coordinate with developers, vendors, and other government organizations/agencies to assess security engineering issues
Experience recommending changes to network and security architecture to improve security posture and meet operational performance requirements
Required Education/Certification
Security Clearance
Secret
Company Information
Headquartered in McLean, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is Our People…Our Reputation. Our people are trained professionals who enhance our customers' knowledge and innovation using technology, collaboration, and education.
We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more.
As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.
OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law.
Obxtek