As the Cyber Security Engineer, the individual will perform tasks related to Assessment & Authorization (A&A) within MDIA to ensure assigned DoD, DoN systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. In this role, the Cyber Security Engineer will conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs. Additionally, the individual will serve as an Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerabilities, non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.

Responsibilities
Develops RMF documentation to include system security plan artifacts which include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, contingency plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other DoD and Navy mandated artifacts that comprise the Security Authorization Package
Develops, maintains, and monitors the necessary artifacts for A&A package submission to receive ATC, ATT, and ATO authorizations
Conduct risk assessments of information systems to identify vulnerabilities, risks, and protection needs
Heavy participation in and responsible for RMF step 4 activities and requirements. Must prepare risk assessment documentation and artifacts according to the published Navy SCA requirements. Provides guidance and assistance for Navy RMF step 3 requirements
Performs weekly ACAS vulnerability scans utilizing DoD/DoN mandated practices and software utilities
Conducts assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253, and the Navy RMF Process Guide (RPG)
Prepares daily, weekly, and monthly reports detailing task and responsibility status.
Develops, reviews, and maintains RMF artifacts for RMF compliance. Updates artifacts as changes to the networks occur
Monitors and executes compliance as defined by Navy and DoD policy and guidance.
Weekly uploads of vulnerability scans to VRAM tool
Updates and validates policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations
Provides IT Security Incident Response support services and reports all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports
Performs RMF system categorization; select controls, tailor security controls, implement controls, and test security controls activities

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .