ConMon Cyber Systems Engineer (Continuous Monitoring)

Job Title

ConMon Cyber Systems Engineer (Continuous Monitoring)

Location

Chantilly, VA US (Primary)

Job Type

Full-time

Category

IT Security

Job Description

This position is contingent upon award.

Program Description:

The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support

Position Description:

The ConMon Cyber Engineer provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:

Support the Information Security Continuous Monitoring (ISCM) Program Lead in maturing the customer's Continuous Monitoring (ConMon) program.

Generate and lead ConMon process improvement activities

Coordinate with the Cyber Data Science team to identify sources of information to better evaluate customers ConMon activities.

Coordinate with Cyber Data Science team to create new views of customer's ConMon posture

Collect the necessary data, develop, and deliver reports to show customer's progress of the enterprise wide ConMon program.

Develop and deliver asset ConMon compliance views for categories such as mission, cross domain, and location, as required by the customer.

Proactively identify and provide metrics and reporting data appropriate for stakeholders in each of the Tiers identified in the NIST SP 800-137

Validates, for efficacy, ConMon control Bodies-of-Evidence (BOEs) entered in the ConMon tool

Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve ConMon BOE entry language

Assist Security Control Accessors (SCAs), FISMA and Inspector General (IG) Teams on examining ConMon BOEs for official reporting

Proactively identify and provide metrics and reporting data appropriate for AO/DAOs to make sound risk decisions for continued authorization of systems

Initiate and participate in studies to improve ConMon reporting metrics

Recommend improvements on Enterprise Security Services (ESS) tool implementations

Job Requirements

Qualifications:

Required:

Current U.S. Government Top Secret clearance with SCI eligibility

Favorably adjudicated Polygraph

Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification

DoD 8570 certification in IAT or IAM

Knowledge of and experience with RMF, particularly step 6 (Continuous Monitoring) policies

Experience implementing ICD 503 RMF Process and NIST 800-53, 800-137, 800-37 and 800-53a technical controls, as well as developing and maintaining associated certification and accreditation documentation

Excellent communications skills - both verbal and non-verbal

Experience in one or more roles as SysAdmin, ISSM, ISSO, ISSE, DAO-R, SCA or ISO

Office Automation Skills - MS Office, MS Project, Visio

Self-starter requiring limited direction and supervision

Desired:

Experience briefing senior customer personnel

Ability to organize and prioritize numerous customer requests in a fast-paced deadline driven environment

Familiarity with Amazon Web Services (AWS)

Familiarity with customer's IA processes

Experience with ServiceNow and Splunk

Experience supporting IC or DoD in the Cyber Security Domain

Travel

Security Clearance

Top Secret/SCI/CI Poly