Cyber Security RMF Support

Job description

Title:
Cyber Security RMF Support


Belong.

Connect.

Grow.

with KBR!


KBR’s National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities.

In this position, your work will have a profound impact on the country’s most critical role – protecting our national security.


KBR (formerly LinQuest) is the prime contractor on the MSEIT contract.

By applying to this position, you are in consideration for KBR employment.

However, you also have the option to be hired by one of our subcontractor teammates.


You will join a systems engineering team defining the next generation of space communication systems supporting US Space Force (USSF) satellite communications.

You will support Systems Engineering & Integration (SE&I) activities in a multidisciplinary and collaborative environment.

You will interface and collaborate with SE&I team members, contractors, government civilians and members of the USSF.

You will lead and support several working groups responsible for leading technical discussion, resolve and identify risk, requirement gaps, developing briefings, writing, and tracking action items, and authoring meeting minutes.


The MILSATCOM Systems Engineering, Integration, and Test (MSEIT) effort provides leading edge Systems Engineering & Integration (SE&I) for the US Space Force’s Space Systems Center (SSC).

We support the Space Force’s acquisition of state of the art satellite communications systems, providing global secure, survivable, and protected communications for our nation’s warfighters.

We seek technical individuals who will thrive in a highly collaborative work environment of small teams, using the most modern tools and methodologies to tackle the challenges of integrating complex space and ground communications systems.


Why Join Us?

+ Innovative Projects: KBR’s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions.

+ Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace.

+ Impactful Work: Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense.


Key Responsibilities:

+ Support the SSC with ensuring security, quality, timeliness, mission partner support, completeness, and regulatory compliance of ATO RMF documentation

+ Experience creating, editing and reviewing RMF, policy documents to implement administrative controls for each of the Rev 5 control families.

+ Experience developing and reviewing and performing self-assessments of control narratives and System Control Traceability Matrix (SCTM)

+ Experiencing reviewing and editing ATO artifacts such as Ports, Protocol and Services, matrix and Hardware/Software lists.

+ Proposing, coordinating, implementing, and enforcing all Department of the Air Force information system security policies, standards, and methodologies

+ Familiarity with vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks

+ Knowledge of evaluating operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides

+ Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems

+ Ensures software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides /security requirement guides)

+ Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.

Coordinate changes or modifications with the system-level Information System Security Manager (ISSM), Security Control Assessor (SCA), and/or the Wing Cybersecurity office

+ During system development, recommends protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered.

+ During system development, reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling

+ Recommends exceptions, deviations, or waivers to cybersecurity requirements.

+ Preparing certification letters and Memoranda of Agreement (MoA), Authorization to Connect (ATC) packages, Interconnection Security Agreement (SIA), and Security Impact Assessments with system owners for interface and networking implementations

+ Support the following responsibilities: security control assessor (SCA) and Security Technical Implementation Guide (STIG) curated to DOD/DAF/USSF baselines, audit standards, and plan of actions and milestones (POAM)

+ Attend cleared expert threat briefings; have oversight of security program design, incident response plans, cyber risk assessments, and attack surface assessments; investigate security breaches, perform red, blue, purple, ethical hacking, orchestrate vulnerability assessment, develop security protocols, conduct tabletop exercises, and breach readiness reviews

+ Completes and maintains required cybersecurity certification in accordance with (IAW) AFMAN 17-1303.


Work Environment:


Location: Onsite

Travel Requirements: Minimal

Working Hours: Standard


Qualifications:

Required:

+ An active Secret clearance is required for this position

+ BA or BS degree in engineering, physics, chemistry, mathematics, computer science, network, and telecommunications; information systems, information technology, or computer information systems

+ Minimum 2 years of continuous Information Systems, Information Assurance/Cybersecurity (IA/CS) experience.

+ Understanding and working knowledge of Risk Management Framework (RMF) Rev 5 and DODI 8510.01.

+ 2 continuous years of experience with security controls and implementation delineated in Committee of National Security Systems Instruction (CNSSI) 1253, National Institute of Standards and Technology (NIST), Special Publication (SP) 800-53, and the Joint Special Access Program Implementation Guide (JSIG).

+ 2 continuous years of experience with performing vulnerability assessments using Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks.

+ 2 continuous years of experience using SolarWinds and Splunk or other network analysis tools.

+ Extensive experience working with Linux/Unix Command Line Interface and using regular expression queries.

+ Ability to read and extract Cisco configuration files.

+ 2 continuous years of experience implementing operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides.

+ 2 continuous years of experience performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems.

+ Experience identifying Common Criteria and National Information Assurance Partnership (NIAP) certified technologies and the DISA Approved Products List (APL).

+ Experience working in a military organization in a cybersecurity role with military tactical or enterprise systems.

+ Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DoDM 8140.03.

(i.e., CompTIA CASP+, CISSP).


Desired:

+ Master’s degree in Computer Science/Engineering with emphasis in Cyber Security

+ 5+ years of work experience in Cyber Security

+ 5+ years of work experience in System Engineering Architecture/Design

+ Linux and Cisco certifications

+ DoD Space program experience

+ Security Test and Evaluation (ST&E)

+ TS/SCI Clearance


Basic Compensation: $135,000-$168,000 in California

The offered rate will be based on the selected candidate’s knowledge, skills, abilities and/or experience and in consideration of internal parity.


Ready to Make a Difference?

If you’re excited about making a significant impact in the field of space defense and working on projects that matter, we encourage you to apply and join our team.


KBR Benefits

KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule.

We support career advancement through professional training and development.






Belong, Connect and Grow at KBRAt KBR, we are passionate about our people and our Zero Harm culture.

These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company.

That commitment is central to our team of team’s philosophy and fosters an environment where everyone can Belong, Connect and Grow.

We Deliver – Together.




KBR is an equal opportunity employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.

Required Skill Profession

Other General