Latitude, Inc. Cybersecurity Engineer in Colorado Springs, Colorado
Secret Clearance Required
We are looking for a dynamic professional with 3+ years of hands-on cybersecurity compliance experience in performing and/or participating in DoD system Assessment and Authorization (A&A) activities.Duties and Responsibilities:
Develop, assess, and analyze cyber security documentation for client information systems in accordance with FISMA, NIST RMF for Federal Civilian Agencies, RMF for DoD IT, FedRAMP, and departmental standards.
Perform system/network vulnerability scanning and analysis using both automated tools and manual techniques.
Assist or lead technical assessments using standard industry tools such as Nessus, ACAS (for DoD), and others.
Identify and apply vulnerability remediations, fix procedures, and when necessary mitigation techniques.
Identify and mitigate cyber security risks through formal assessment activities.
Lead development of detailed reports based on testing and data analysis.
Participate and lead compliance related discussions (this includes in-depth understanding of applicable compliance frameworks, architectures, and security control requirements (technical and non-technical)
Work directly with customers to resolve cybersecurity issues and concerns as well as to explain how compliance with various standards and frameworks are achieved.
Coordinate the day-to-day activities required to deliver a project on time and within budget.
Attend, participate, and lead regular project meetings; communicate and distill information from technical resources during formal and informal meetings.
Skills and Qualifications:
3+ years of experience in performing and/or participating in FISMA based security Assessment and Authorization (A&A) activities.
Working-level knowledge of FISMA, NIST/DoD RMF, and NIST SP 800-series publications.
Must be sufficiently familiar with typical Federal A&A documentation (e.g., System Security Plans (SSPs), System Assessment Plans (SAPs), System Assessment Reports (SARs), Plan of Actions and Milestones (POAMs), and more) in order to contribute to authorship and/or solely author such documents.
Experience using testing tools such as Nessus/ACAS, SCC, DISA STIGs / STIG Viewer, Wire Shark, Flying Squirrel, etc.
Active Secret Clearance Required.