The Cybersecurity Engineer supports the Risk Management Framework (RMF) and Authorization & Accreditation (A&A) processes for DoD systems. You'll work to ensure systems are secure and compliant with federal cybersecurity standards and help guide them through the RMF lifecycle, from initial assessment to ongoing monitoring.
As a Cybersecurity Engineer, you will play a critical role in helping secure systems from emerging threats while maintaining compliance with stringent RMF and A&A requirements:
Required Skills and Qualifications
• Must possess a BA or BS degree with 12 years of experience in cybersecurity engineering, with a strong focus on Risk Management Framework (RMF) and Authorization & Accreditation (A&A) processes within a DoD or government contracting environment
• In-depth understanding of the Risk Management Framework (RMF) as outlined by NIST SP 800-53, NIST SP 800-37, and other related standards
• Proven experience managing the Authorization & Accreditation (A&A) process for DoD systems, including the preparation of System Security Plans (SSP) and Security Assessment Reports (SAR)
• At least one of the following: CISSP, CISM, Security+, or CASP+
• Familiarity with the NIST Cybersecurity Framework (CSF), NIST SP 800-53, CNSSI 1253, and other applicable federal cybersecurity standards
• Experience with selecting, applying, and assessing security controls for systems, networks, and software
• Hands-on experience with security tools for vulnerability scanning, configuration management, and continuous monitoring (e.g., Nessus, ACAS, SCAP, DISA STIGs)
• Strong ability to produce clear, concise security documentation
• Knowledge of tools like Terraform or CloudFormation for automated provisioning of cloud resources
• Excellent verbal and written communication skills
C2 Essentials is an Equal Opportunity Employer.