Senior It Security Engineer

Serve as a Cybersecurity Subject Matter Expert (SME) supporting agency personnel with FPCS assessments.Provide cybersecurity support and documentation to obtain favorable assessments and for continuous monitoring of systems throughout their lifecycle.Fully versed in the general tenets supporting the overall implementation of its authorization process, to include supporting cybersecurity policy, procedures and processes.Support cybersecurity process by serving as a SME for the FPCS undergoing authorization.Design, develop, implement cybersecurity into the system and deliver cybersecurity assessment documentation and other related documentation.Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing FPCS.Determine the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determine the possible ramifications on the system’s current or future authorization.Perform key functions related to security control selection, implementing controls, documenting controls, and closely collaborate with personnel on complex system details. This includes monitoring and controlling communications at key internal boundaries among subsystems and providing system-wide common controls that meet or exceed the requirements of the constituent subsystems inheriting those system-wide common controls.Development, integration, and testing to deliver and deploy production-ready systems that meets business requirements and project schedule.Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort and project schedule.Design architecture and establish best practices that produce efficient and elegant system operations while reducing refactoring and rework.Provide support with the STIGs process and develops and submit cybersecurity documentationResponsible for the implementation, including meeting all required STIG compliance; keeping the FPCS systems/applications in compliance with required STIGs; and supporting reviews associated with STIGs, cyber assessments, and continuous monitoring activities.