Anybody into PCI Compliace? I kept seeing those ads for Boyd Clewis academy, apparently people are getting the cert or whatever in it in 90 days. I had a call with them and everything, seemed like a nice opportunity and much more preffered to trying to go back into Grad school again if I decide to make a move for my next level of my career, trying to bust through that 6 figure wall. Also, small chance someone in this threadis interested, here's a job I was offered. Just tell them you have an associate who it was offered to who sent it to you (pm me for my real name if you want). I never got into CISSP so all this RMF stuff is over my head, but $70/hr is like $145, and on Texas (arlington of course a suburb of Dallas) cost of living with no state income tax. Sheeyit
Hello ,
We just received a new work order and wanted to know if you would be interested in this position – see below.
If not, please forward this email on to anyone you know who might be interested, thanks!
Information Systems Security Engineer Job#189709
ACTIVE SECRET CLEARANCE REQD
Category: IT
Region: TX-Texas
City: Arlington
State: TX
Rate: Up to $70.00 DOE
Duration: 9 months
Description:
Chipton-Ross is seeking an Information Systems Security Engineer for an opening in Arlington, TX.
RESPONSIBILITIES:
Implement security and anti-tamper controls into training and simulation solutions
• Define DoD cybersecurity and anti-tamper requirements and interact with external stakeholders to refine/derive/allocate security control requirements
• Perform trades studies, cost analysis, risk assessments, impact analysis, and effectiveness studies
• Customize cybersecurity solutions based on cost and effectiveness
• Assist programs and monitor program execution throughout product development lifecycle to ensure cyber and anti-tamper objectives are met
• Lead, advise, and educate engineers on cybersecurity and anti-tamper concepts and solutions
• Prepare briefings to obtain approvals by government agencies for contracted efforts
• Perform cybersecurity tasks in each phase of the Risk Management Framework (RMF)
• Create entire authorization packages to obtain an Authority to Operate (ATO) for DoD Information Systems
• Interact with System Program Office and Authorizing Official key personnel during all phases of the RMF
• Support Information System Security Managers and Officers (ISSM/ISSO) during Continuous Monitoring Phase of the RMF as technical Subject Matter Expert
Applies current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and integration of systems and networks to maintain system security
• Works closely with Government customers to ensure that the security protection needs, concerns and requirements are defined and implemented with appropriate fidelity early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest
• Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products
• Uses methods such as encryption technology, vulnerability analysis and security management
• Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment
• Will prepare Certification and Accreditation documentation, using multiple standards such as DITSCAP, NIACAP, DCID 6/3, Common Criteria, and NIST 800-37, to achieve security authorization of supported systems. Represents program security needs, concerns and requirements at customer meetings
REQUIREMENTS:
6+ years of relevant experience in fields of cybersecurity, anti-tamper, or engineering computer technology
• Defense industry experience
• Experience creating authorization packages for DoD Information Systems
• Experience implementing security controls
• Experience with security control testing to include use of vulnerability and compliance scanners, creating test reports, and analyzing test results
• In-depth knowledge of all phases of the RMF
• Knowledge of all phases of the Systems Development Lifecycle
• Knowledge of NIST 800-53 security controls including their implementation and testing
• Interpersonal soft skills to effectively and smoothly interact with both internal and external stakeholders
• Experience in requirements management to include deriving, allocating, and tracing
• Ability to work alone or in a team environment
• Self-motivated with substantial problem-solving abilities
• Proficiency with Microsoft Office products
Additional Desired Qualifications and Experience
• JSIG compliance and implementation experience
• Proficiency in anti-tamper techniques for verification and protection of Critical Program Information (CPI) per DoDI 5200.39
• Systems Administrator Experience
• Significant knowledge of Security Technical Implementation Guides (STIGs)
• Design and Architect experience of cybersecurity solutions
• Multiple DoD 8570.01-M certifications
• Prior experience utilizing systems engineering principles for requirements on a technical effort
• Previous experience developing and accessing various artifacts such as SOWs, requirements, and test documents
• Experience with DOORS requirements management software
• Experience in eMASS and Xacta RMF flow software
• Experience in cybersecurity activities associated with aircraft and aircraft simulators/training devices
• Ability to travel up to 15%
EDUCATION:
• Bachelors degree in a technical field, such as Cybersecurity, Electrical Engineering, Systems Engineering, or Computer Science
Masters degree preferred in related field
IASAE level II or III certification
SHIFT:
9/80
MISCELLANEOUS:
Applicants responding to this position will be subject to a government security investigation and must meet eligibility requirements by currently possessing the ability to view classified government information.
Contact:
Max Cameron at
mcameron@chiptonross.com
CHIPTON-ROSS INC.
420 Culver Boulevard
Playa Del Rey, CA 900293
Phone: (310) 414-7800 x242 or (800) 927-9318