Sr. Operational Technology (OT) Cybersecurity Engineer SME (Secret)
Description:
Job Description
Sr. Operational Technology (OT) Cybersecurity Engineer SME
Location: Hybrid - Fort Belvoir, Va
Salary: $200K-$220K W2
Clearance Needed: Secret or Higher
Performs a variety of routine project tasks applied to specialized Cybersecurity problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to cybersecurity requirements. Analyzes information security requirements. Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. Provides security engineering support for planning, design, development, testing, demonstration, integration of information systems.
The Contractor shall provide analysis of existing and emerging DLA Information Systems, Operation Technology (OT), and IT Infrastructure to assess compliance with DLA, DoD and Federal Information Assurance policy, order, task and or regulation for unclassified and classified systems.
The Contractor shall review both existing and draft/proposed policy and changes against system design documentation and identify any areas of non-compliance for unclassified and classified systems.
The Contractor shall assist with and/or conduct Security Test and Evaluation and IA/Cybersecurity assessment reviews as a way of validating compliance with DLA, DoD and Federal Information Assurance policy, order, task and or regulation for unclassified and classified systems.
The Contractor shall review all proposed and draft DoD policies and provide an assessment of the impact of the proposed policy on DLA Cloud, OT, IT and IA/Cybersecurity architecture for unclassified and classified systems.
The Contractor shall develop and document standards and guides for the implementation of IA/Cybersecurity solutions including but not limited to, compliance, system security design and IA/Cybersecurity assessments for Cloud, OT, and IT for unclassified and classified systems.
The Contractor shall conduct and document Risk Assessments identifying risks to the information system’s and determining the probability of occurrence, the resulting impact, and additional safeguards that would mitigate the exposure and impact of the identified risk(s) for Unclassified and Classified systems. This requires sourcing real-time vulnerability and intelligence information through open-source and classified resources. Provide a decision recommendation once the assessed risk to the information system given the mitigated or corrected state of any or all existing weakness(s).
The contractor maybe required to handle COMSEC material in-accordance with DoD policy and DLA procedures to access classified facilities. Contractor is required to complete the annual training on COMSEC procedures.
Contractor shall provide weekly status update on all open assignments and tickets and projects.
Minimum Experience:
Ten (10) years of relevant IT experience
Operation Technology Five (5) Years of relevant OT experience
DoD Secret Clearance or above
Must possess a minimum Tier 3 security investigation
IA Certification (IA): Relevant certification meeting DOD 8570/8140 IAT level III, and IASAE level III. (Must have IASAE III Certification within 6 months of coming on the contract. Must meet all other requirements)
Computing Environment (CE): Microsoft Certified Solutions Associate or Expert, Cisco Certified Network Administrator, Microsoft Azure Security Technologies, Amazon Certified Security, or designated CE by the COR
Recommended DoD baseline certs for this position:
IA Certification (IA): Recommended DOD 8570/8140 Baseline Certifications meeting
IAT /IAM Level III
Primary Baseline Certification (one of the below)
CISSP
or GICSP
Computing Environment Certification
Primary CE Certification (one of the below)
AWS CSA Associate
or ICS Cybersecurity 301V (not needed if you have GICSP)
or Azure Fundamentals
IASAE III - Must obtain within 6 months of coming on the contract
Primary Certification (one of the below)
CCSP
or CISSP-ISSEP
or CISSP-ISSAP
Full-time