Cybersecurity Engineer with Security Clearance

Serco Inc.
United States
20 Jun 2024
13 Jul 2024
Job Type
Cyber Security
Employer Sector
Technology, IT & Telecoms
Contract Type
Full Time
Position Description If you love high profile and challenging projects supporting the US Navy– Serco has a great opportunity for you! This Cybersecurity Engineer position will be on a dynamic team, supporting Team Submarine. Bring your expertise and collaborative skills to make an impact towards our military defense and safety of our sailors. Serco supports the US Navy as a prime for their Team Submarine contract supporting the acquisition of submarines. The Team Submarine concept unifies once diverse submarine–related activities into a single submarine–centric organization with the goal of eliminating traditional stovepipe structures and processes that created impediments and inefficiencies in the submarine research, development, acquisition, and maintenance communities. Team Submarine provides improved communication among the various offices that contribute to the overall success of the United States Submarine Force. Serco–NA is seeking a motivated individual to provide programmatic support to one of our NAVSEA customers. Serco–NA has an opening for a Cybersecurity Engineer would be responsible for overseeing all risk associated with PMS450. PMS450 oversees the design, construction, and delivery of the VIRGINIA Class Submarines. Looking for a cyber role at a place you can have influence every day? As a part of this dynamic team located in Washington, D.C., you will be expected to bring your expertise and collaborative skills to make an impact towards our military defense and safety of our sailors. The acquisition of New Construction Submarines and for identifying, assembling, managing, directing, and coordinating the resources required for the R&D, design, construction, Test and Evaluation (T&E), Live Fire Test and Evaluation (LFT&E), and Fleet introduction of the U.S. Navy's newest class of nuclear attack submarines. The program is a major defense acquisition program with a total life cycle cost of approximately $336B. Additionally, successful improvement of the Class's capabilities is of significant political importance with Congress and the Office of the Secretary of Defense (OSD). Serco–NA is seeking a motivated engineer to provide engineering and programmatic support to one of our customers with the U.S. Navy in the Washington, DC area. In the role of Cybersecurity Engineer, you will: Assist in the development of standard operating procedures and policy regarding the implementation of Navy Cyber Security Requirements Interface with the Team Sub Activity Chief Information Officer (ACIO) as required to ensure compliance with Team Sub and NAVSEA Cyber Security requirements
Maintain familiarity of all Cyber Security requirements and procedures initiated at higher levels (DoN, NAVSEA, SEA05Q, etc.), relay that information to the program office, and assist with the application of those requirements. Perform activities required within the DoD Instruction 8510.01 DoD Risk Management Framework (RMF) (formerly the DoD Information Assurance Certification and Accreditation Process (DIACAP to obtain Authorization to Operate (ATO) with Conditions or ATO prior to fielding of all TEAM SUB Enterprise Business Mission Area (BMA), DoD Portion of Intelligence Mission Area (DIMA), Enterprise Information Environment Mission Area (EIEMA), and Warfighting Mission Area (WMA) ashore and afloat systems. Develop RMF accreditation packages using current DoD Instruction 8510.01 accreditation methods, to include the System Authorization Boundary, Hardware/Software/Firmware list, Dataflow Diagram, Security Plan, Plan of Action, and Milestones (POA&M), System Categorization, Enterprise Reporting RMF Scorecard, System Level Continuous Monitoring (SLCM) Strategy, Risk Assessment Report (RAR), Security Assessment Plan (SAP), and Security Assessment Report (SAR). Identify security controls to be implemented, work with system owners to implement, and test controls, prepare required artifacts, and complete actions required in the RMF in the timeframe in which they are required. Provide subject matter expertise regarding the development of RMF packages and the RMF process for a portfolio of approximately two hundred systems. In this capacity, serve as a resource in both package development and in navigating the RMF process for the Team SUB enterprise. Serve as Navy Risk Management Framework (RMF) support Independently validate cybersecurity artifacts developed by TEAM SUB Enterprise system owners (approximately two hundred systems) as part of the Risk Management Framework Accreditation and Authorization process that are uploaded to DoN Enterprise Mission Assurance Support Service (eMASS). Organize and assist with the updating and coordination of records in the TEAM SUB Enterprise Cybersecurity portfolio of all Business Mission Area (BMA), DoD Portion of Intelligence Mission Area (DIMA), Enterprise Information Environment Mission Area (EIEMA), and Warfighting Mission Area (WMA) ashore and afloat systems. Validate that all DON–specified cybersecurity– specific information systems, including Enterprise Mission Assurance Support Service (eMASS), Procurement Business Intelligence Service (PBIS), DoD IT Portfolio Repository (DITPR)–DON, Vulnerability Remediation Asset Manager (VRAM), the DON Application and Database Management System (DADMS), and the Enterprise Reporting Service (ERS) Cybersecurity Scorecard on Secret Internet Protocol Router (SIPR) network, are continuously accurate and reflect the cybersecurity posture of TEAM SUB and its assigned field activities, including NUWC and SUBMEPP and provide status to TEAM SUB staff. Respond to data calls from DoD, DON, and NAVSEA organizations. Review all system DITPR–DON and DADMS records assigned to the TEAM SUB Enterprise to validate that these systems are current and compliant with Federal Information Security Management Act (FISMA) applicable cybersecurity regulations, as evidenced by the FISMA Scorecard remaining in the compliant (Green) status for a combined portfolio of approximately two hundred systems. Participate in the TEAM SUB Enterprise/DON's annual cybersecurity review of all TEAM SUB BMA, DIMA, EIEMA, and WMA Systems. This participation shall include liaison with DON and NETWARCOM personnel to review methodology, validate that TEAM SUB systems are compliant, accurate, and ready for inspection, coordinate reviews, and coach cognizant programmatic and technical personnel to help TEAM SUB personnel ensure that applicable DoD regulations identified by DoDI 8500.01 and DoDI 5000.02 are followed, and that TEAM SUB systems (approximately 200 systems) meet FISMA reporting and privacy requirements. Assist in the investigation of inadvertent electronic spillages of classified information, and draft and submit reports to the ASM concerning the spillage and the impact. Assist with the coordination of investigations with NAVSEA, Naval Criminal Investigative Service, Defense Security Service, and other authorities. Initiate and coordinate remediation actions, and track to closure. Educate personnel via Training, Team Talks, e–mail reminders, or through the use of online training to prevent future spillages and recommend policy or procedural changes when needed. Provide direct expertise and assistance to ensure that cybersecurity is fully integrated into the system lifecycles of all TEAM SUB acquisition and life–cycle maintenance platform programs in accordance with DoDI 8500.01 and DoDI 5000.02. Qualifications To be successful in this role, you will have: A current or active DoD Secret clearance or be eligible for a clearance. A Bachelor's degree in computer science, management information systems, or related fields or equivalent experience. Zero to two years experience. Two or more years' experience with RDT&E and Business IT systems and the phases of Certification and Accreditation (C&A) process. CompTIA Security + is a pluse. Demonstrated oral and written communication skills to work closely with all levels of personnel involved in IT operations and technical aspects of systems. Good communications skills and excellent word processing, database, spreadsheet programs, Microsoft applications. The ability to travel at least 10% of the time. Additional desired experience and skills: Two or more years of experience in an Information Assurance (IA) or C&A related field. Familiarity with and understanding of Navy IT sites, systems, and infrastructure. If you are interested in supporting and working with our military and sailors, and an enthusiastic Serco team, then submit your application now for immediate consideration – it only takes minutes to apply and could change your career! In compliance with the District of Columbia's Equal Pay for Equal Work Act, the salary range for this role is 59,906.24 to 99,844.49; however, Serco considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, and key skills. Company Overview Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Serco's 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters. To review Serco benefits please visit: . click apply for full job details