Cyber A&A Engineer

Blackstone Talent Group, an award-winning technology consulting and talent agency is seeking a Cyber A&A Engineer to join our Client's team.

Position Responsibilities:

The successful candidate will be expected to communicate and work closely with C2BMC Operational ISSOs in direct support of the Operational eMASS packages managed by the A&A team. Additionally, the candidate will work closely with system owners, cyber peers, program office technical/management staff, and other C2BMC functional areas to ensure the system attains and maintains appropriate Authorization for Connection, Test, and Operational purposes.

Responsibilities include assisting with cyber products analysis, vulnerability mitigation, and POA&M management to support the successful delivery of eMASS packages and Ports, Protocols, and Services (PPS) in accordance with contract schedules.

The role will focus on a blend of:

• Technical documentation
• Surge support for authorization packages in eMASS
• Vulnerability assessments
• Engineering responses for system POA&Ms
• Proposal support
• Risk analysis for Risk Acceptance Requests (RARs)

Basic Qualifications

• Generally 3+ years of related experience and may have a post-secondary degree or training in a related discipline
• Active Secret security clearance required at start
• IAT Level II (DoD 8140) certification required at start

Strong working knowledge of:

• Patch management
• Multi-factor authentication
• Host-based security
• Intrusion detection
• Security event management
• Active/passive system scanning
• Defense-in-depth

Required experience:

• Creating/updating A&A packages for RMF Authority to Operate (ATO)
• Hardening Windows and Linux systems (GPOs, IAVMs, STIGs)

Working knowledge of:

• Information Assurance (IA) technologies
• NIST standards
• DoDI 8500.2
• RMF security controls

Understanding of Agile development lifecycle, including:

• Reviewing requirements and architecture documents
• Using cyber audit tools
• Conducting vulnerability and compliance audits
• Performing vulnerability scans and configuration auditing

Preferred Qualifications

• Strong technical documentation and communication skills for presenting cyber issues to government and program stakeholders
• Experience with scripting languages such as Python and PowerShell
• In-depth vulnerability analysis experience
• Hands-on experience with Agile tools and methodologies

Familiarity with tools such as:

• ACAS (Tenable.sc / Nessus)
• Evaluate-STIG
• STIG Manager
• Trivy

Security Clearance Required: Secret

Blackstone Talent Group is a wholly owned subsidiary of Blackstone Technology Group, a global IT services and software firm that implements technological solutions across commercial industry verticals and the US Federal Government. Blackstone's global talent augmentation practice was founded in 1998. Blackstone Talent Group has offices in San Francisco, Denver, Houston, Colorado Springs, and Washington, DC. We specialize in providing clients the best talent across a variety of industries and sectors.

EOE of Minorities/Females/Veterans/Disabilities