Apply Description

Continuous Monitoring (ConMon) Cyber Systems Engineer

TS/SCI CI poly

Chantilly, VA

Position Description:

The ConMon Cyber Engineer provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:

Support the Information Security Continuous Monitoring (ISCM) Program Lead in maturing the customer’s Continuous Monitoring (ConMon) program.Generate and lead ConMon process improvement activitiesCoordinate with the Cyber Data Science team to identify sources of information to better evaluate customers ConMon activities.Coordinate with Cyber Data Science team to create new views of customer’s ConMon postureCollect the necessary data, develop, and deliver reports to show customer’s progress of the enterprise wide ConMon program.Develop and deliver asset ConMon compliance views for categories such as mission, cross domain, and location, as required by the customer.Proactively identify and provide metrics and reporting data appropriate for stakeholders in each of the Tiers identified in the NIST SP 800-137Validates, for efficacy, ConMon control Bodies-of-Evidence (BOEs) entered in the ConMon toolGuides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve ConMon BOE entry languageAssist Security Control Accessors (SCAs), FISMA and Inspector General (IG) Teams on examining ConMon BOEs for official reportingProactively identify and provide metrics and reporting data appropriate for AO/DAOs to make sound risk decisions for continued authorization of systemsInitiate and participate in studies to improve ConMon reporting metricsRecommend improvements on Enterprise Security Services (ESS) tool implementations

Qualifications:

Required:

Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certificationDoD 8570 certification in IAT or IAMKnowledge of and experience with RMF step 6 (Continuous Monitoring) policiesExperience implementing ICD 503 RMF Process and NIST 800-53, 800-137, 800-37 and 800-53a technical controls, as well as developing and maintaining associated certification and accreditation documentationExcellent communications skills – both verbal and non-verbalExperience in one or more roles as SysAdmin, ISSM, ISSO, ISSE, DAO-R, SCA or ISOOffice Automation Skills – MS Office, MS Project, VisioSelf-starter requiring limited direction and supervision

Desired:

Experience briefing senior customer personnelAbility to organize and prioritize numerous customer requests in a fast pace deadline driven environmentFamiliarity with Amazon Web Services (AWS)Familiarity with customer's IA processesExperience with ServiceNow and SplunkExperience supporting IC or DoD in the Cyber Security Domain