Overview:
Cyber Security SME
Herndon, VA
TS/SCI with Poly
Bridge Core provides high energy, unified teams; technology integration experience; and innovative approaches, to enable our clients’ mission. We enable our clients’ mission by integrating innovative technologies and implementing adoption processes that modernize the digital workplace. Our trusted, skilled, and diverse team members are making a lasting impact by building tailored, client focused solutions.
Do you want to join a team that is building tailored technical solutions to modernize our government’s mission and our client’s business? Do you have a desire to change how people work? Are you interested in helping to protect our nation’s cyber interests? Join our growing team supporting the government agencies in its mission as a Cyber Security SME in Herndon, Virginia.
Responsibilities:
Responsibilities:
- We are looking for an ISSE to join our technology-based program supporting a key government customer.
- This program will deliver engineering services for network infrastructure as well as sophisticated enterprise computing infrastructure including end-point devices, data center hosted servers, multi-Cloud services as well as virtualized applications, and storage systems.
- Enterprise Computing Engineering services include modern application technology including containerized solutions with orchestrated workflow that function both on customer premise, and via remote Cloud services.
- Network infrastructure engineering services are comprised of core infrastructure, voice and video engineering, field engineering, application management and development for networks, network analytics, firewalls, network access controls and bandwidth service delivery.
Qualifications:
Required Qualifications:
- We are actively seeking Cyber Security Systems Engineers with a minimum of sixteen (16) years' experience.
- This opportunity is supporting the customer's Division level A&A projects which has several Branches within it.
- The A&A projects are therefore at various levels within the customer organization depending upon which team is responsible for initial development and accreditation vs. long term Operations and Maintenance support.
- Bachelor’s or master’s Degree are preferred in one or more discipline but can be waived if previous direct ISSE support to this customer's agency.
- Specific skills include the following: Possess multi-tasking skills, as well as be a good communicator/facilitator.
- Comfortable at all levels from developer to senior staff. Knowledge of the complex network environments involving shared networks and multiple security enclaves. Possess the ability to bridge the technical implementation (i.e. developer talk), into commonly understood security words.
- Often this is a skillset and is not an actual language, but frequently translation or a basic understand needs to be conveyed by the ISSE when speaking with others or in writing the documentation in order to ensure it's easy to understand.
- Document the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for various Assessment and Authorization (A&A) efforts.
- Document and obtain a general understanding of the architecture being developed or that was developed for each project in order to write the Systems Security Plans (SSP)/CONOPS in the Greenlight application.
- Gather the information by working with various team members in order to write various additional A&A related documents such as Contingency Plan (CP), General User Guide (GUG), Privileged User Guide (PUG), Standard Operating Procedures (SOP's), etc. Support Accreditation and Authorization (A&A) reviews by ISSO/M, as well as the Security Controls Assessor (SCA)Document the Plans of Actions and Milestones (POA&Ms) implementation responses or mitigations, as well as provide all required artifacts (i.e. evidence gathering from the teams)
- Coordinating with various contractor and staff personnel to obtain the A&A content, as well as working with various customer security organizations to navigate the customer's A&A process in order to achieve Authority to Develop (ATD), Interim.
Desired Qualifications:
- Previous ISSE experience directly supporting the customer.
- Previous ISSO experience directly supporting the customer is also helpful.
- Various security tools and reports such as:
- Greenlight
- RoadRunner
- Rapid 7
- WebInspect
- App Detective
- SplunkPublic
Private and hybrid Cloud experience (AWS, Microsoft Azure, etc.) Virtualization experience (VDI & VMWare)Basic knowledge is helpful, but not required for the following general topics: Cloud security control implementation, PKI implementation, STIG compliance and vulnerability management, and Security Development and Operations (SecDevOps)CISSP, or GSLCAWS Certified Security SpecialtyBasic Excel and Microsoft Office365
What you can expect from us:
Bridge Core is proud to be an equal opportunity workplace and affirmative action employer. We celebrate diversity and are committed to creating an inclusive environment for all team members and applicants. At Bridge Core, we ensure fair treatment for our team members and applicants based on their abilities, achievements and experience without regard to race, national origin, sex, age, disability, veteran status, sexual orientation, gender identity or any other classification protected by law.
Bridge Core does not have a vaccination mandate applicable to team members. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements. Regardless of vaccination status , personnel are required to wear masks while indoors when the CDC COVID-19 Community Level is High.