** Contingent upon contract award. Responsible for providing assistance in reviewing, monitoring, and updating Cybersecurity documentation as related to USBR Cybersecurity Risk Management.
Essential Job Functions/Knowledge:
Under minimal supervision, perform as a member of a team consisting of other cybersecurity engineers and specialists in the application of technical and functional expertise to perform on-site compliance assessments and security engineering and advisory for federal networks, information systems, and applications using standards such as FISMA and NIST guidance.
Specific Duties may entail:
· Serve as a Security Engineering (SE) Subject Matter Expert (SME) with proficiency in FISMA, Risk Management Framework (RMF) for federal IT, and affiliated NIST security controls.
· Function in support of Information Systems Security Officers (ISSO) advising federal clients on security protocols and compliance measures for a variety of systems.
· Assist with FISMA assessments, including coordination, preparation, execution, and concluding documentation.
· Utilize common Information Assurance (IA) /Cybersecurity (CS) assessment tools and techniques
· Demonstrate knowledge of network devices and interconnections (i.e., routers, switches, IDS/IPS, firewalls, DNS).
· Demonstrate technical experience in identifying and mitigating and/or remediating vulnerabilities or misconfigurations.
· Perform system administration functions on various operating systems, including Linux, Unix, and networking devices.
· Support the development of technical and programmatic documentation for dissemination to a wide audience, often in the form of verbal and visual updates, technical reports, and/or briefings.
· Apply understanding of cybersecurity concepts, practices, and tools to administer security efforts for complex federal networks and information systems.
· Maintain on-going awareness of emerging cybersecurity threats and trends.
· Support the development and maintenance of necessary technical documentation and standard operating procedures (SOPs).
· At least 3 years of general or specialized IT experience.
· At least 4 years of experience in conducting FISMA assessments and cybersecurity engineering such as in an ISSO/ISSM or cybersecurity engineer role.
· Functional knowledge of FISMA, NIST 800-53, and associated controls and practices.
· Understanding of emerging cybersecurity threats and trends, including an ability to describe highly publicized cyber intrusions within the last year.
· An Undergraduate Degree in Computer Science, Information Assurance, IT Management, or related discipline is highly preferred
· Certified Information System Security Professional (CISSP) certification preferred