Journeyman Information System Security Engineer

Job Description

Job Description

Must currently be local to Japan or be willing to permanently relocate to be considered. Secret Clearance required.

CCS seeks a Risk Management Framework (RMF) support specialist to provide FRCS system security engineering support in Far East to achieve and maintain Authorizations to Operate (ATOs).

The contractor shall be responsible for creating and maintaining RMF artifacts and shall implement security controls, patch vulnerabilities on network devices, and resolve system security engineering concerns to ensure cyber compliance and readiness for the NAVFAC FE Facility Engineering Command (FEC) in Yokosuka Japan.

Resources will need to be onsite as required to support mission requirements. The requisite duties, knowledge, and experience are detailed below :

• Complete System / Mission decomposition to identify system components critical to priority mission functions.
• Work with CYBERSAFE team to complete grading of Facility Related Control Systems (FRCS).
• Report ongoing Risk Management Framework (RMF) package progress regularly to ISSM, HQ teams and various leadership personnel throughout NAVFAC Enterprise.
• Support government personnel in providing technical capabilities to assist with the development of custom mitigations to challenging technical requirements.
• Use collected system information and interviews with Subject Matter Experts (SMEs) and various system personnel to review artifacts for compliance, completeness, and quality in support of successful ATOs and ongoing maintenance.

RMF Artifacts include but aren’t limited to :

• Hardware and Software Lists
• Network diagrams in accordance with (IAW) with NAVFAC FRCS Diagram
• Contractor performs all necessary tasks to support RMF packages, including uploading artifacts into eMASS in the proper format to support initial RMF authorization, maintenance, or reauthorization efforts.

Duties include :

• Implementing security controls in accordance with STIGs and SRGs
• Patching vulnerabilities on IT / networking devices and all IP-based controllers
• Conducting vulnerability scanning of all IP devices and generate reports
• Completing manual STIG checklists (CKLs) according to the approved SAP
• eMASS tasks such as inputting test results, uploading scan results, mapping vulnerabilities to controls, updating and processing eMASS workflows
• Providing on-site validation support
• Facilitating and managing change requests and authorization boundary changes with Operational Technology Design Authority (OTDA)
• Collaborating with multiple departments to perform scanning and patching to include intermittent nationwide travel according to multiple site requirements and availability

Preferred Qualifications (Desired) :

• Bachelor's degree in IT / Cybersecurity related field
• Experience with implementing Security Technical Implementation Guides (STIGs) and Security Requirement Guides (SRGs)
• Experience conducting ACAS scans and generating reports
• Knowledge of industrial communication protocols
• Knowledge of HVAC Systems equipment and operation
• Knowledge of HVAC Control Systems
• Knowledge of utility information systems and energy-management technologies
• Five (5) years of related experience and / or training including military or civilian experience
• Problem-solving skills and attention to detail.

This position offers a competitive salary and benefits package. If you are a proactive individual with a passion for cybersecurity, we encourage you to apply.

Powered by JazzHR

w8ieY5aVHI