Posted 1 week ago

Work Status: Full-Time

Location: San Diego, CA

Clearance: Secret

Requisition Number: ISSE-001

Summary:

ODME Solutions, LLC is currently seeking an Information Systems Security Engineer to join our team and provide support to our NIWC PAC MGF cybersecurity customers located in San Diego, CA.  The Information Systems Security Engineer will provide technical and operational expertise to maintain the vulnerability management process, systems scan configurations and analysis, and vulnerability and mitigation efforts.

Responsibilities:

  • Support the cyber security process (i.e., vulnerability analysis/assessments, continuous monitoring, and generation of authorization artifacts) to gain authorization for deployment of the BMA applications to the Fleet.
  • Support program requirements to submit ACAS scans, STIGS/SCAP results and test reports in accordance with Navy SCA Risk Assessment Guide. In addition, updated ACAS scans are requested per Navy RMF Process Guide v3.3 to maintain authorization, and to maintain compliance with released requirements.
  • Support evaluation of required cyber security controls, STIG validations, and POAM creation.
  • Support program requirements to submit security test data to support generation of a Security Assessment Report (SAR) as part of the RMF Annual Security Review requirement.
  • Support proactively maintaining the security of the programs baselines to avoid being assessed as “high risk” during the annual security review and being directed to High Risk Review (HRR).
  • Support the requirement to submit the ACAS Detailed Vulnerability List (DVL) Report in .CSV file format and Summary Report in PDF format in addition to the Nessus scan file (.nessus).
  • Support the requirement to submit EMASSTER output report in excel format along with NESSUS files and CKL files.

Skills/Qualifications:

  • Basic knowledge and cyber experience in DoD projects and Navy C4I systems.
  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems w/ focus on producing deliverables for RMF and High-Risk Escalation (HRE) processes in accordance with Navy Testing Guidance.
  • Skill in installation and use of Assured Compliance Assessment Solution (ACAS) (both Security Center and Nessus scanners), as well as report customization.
  • Knowledge of other RMF processes/models (e.g., RAISED).
  • Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures.
  • Knowledge of cybersecurity principles and Department of Defense (DoD) requirements (relevant to confidentiality, integrity, availability, authentication, nonrepudiation).
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return oriented attacks, malicious code).
  • Experience implementing and executing software and security engineering practices in the System/Software Development Life Cycle (SDLC) Process.

Education/Certification:

  • Bachelor’s degree in computer science, cybersecurity, information assurance, engineering, or related cybersecurity experience.
  • Security+
  • OS certification (AWS, Windows, Linux, etc.)

Salary: $90,000 – $110,00

Apply Online

A valid email address is required.
A valid phone number is required.

ODME is a Federal contractor and an Equal Opportunity Employer. ODME is subject to Executive Order 11246, which requires government contractors to take affirmative action to ensure that equal opportunity is provided in all aspects of their employment. In addition, we are subject to Vietnam Era Veterans’ Readjustment Assistance Act of 1974, as amended by the Jobs for Veterans Act of 2002, 38 U.S.C. 4212 (VEVRAA), which requires Government contractors to take affirmative action to employ and advance in employment protected veterans. In order to comply with these laws, ODME invites applicants to voluntarily self-identify their gender, race/ethnicity and protected veteran status. ODME does not discriminate on the basis of race, religion, color, sex, sexual orientation, gender identity, age, protected veteran status, non-disqualifying physical or mental disability, national origin, genetic information, or any other basis covered by appropriate law.  All employment is decided on the basis of qualifications, merit, and business need.

Submission of this information is voluntary and refusal to provide it will not subject you to any adverse treatment. The information obtained will be kept confidential and may only be used in accordance with the provisions of applicable laws, executive orders, and regulations, including those that require the information to be summarized and reported to the federal government for civil rights enforcement. When reported, data will not identify any specific individual.

ODME invites any applicant and/or employee to review the Company’s written Affirmative Action Policy (Link)