Location - Satellite Beach, FL

 

Position Description:

Black Rock Engineering and Technology is looking for motivated self-starters who can contribute to Risk Management Framework (RMF) assessment and authorization (A&A) efforts. The Cybersecurity Engineer will help assess, harden, and document policies and procedures in preparation of IATT and ATO submissions. Flexibility to help other teams is a plus, such as System Administration or Network Engineering. Candidate must be a U.S. citizen with an active secret security clearance or the ability to obtain one.

This opportunity is for 1099 hourly employment which could lead to W2 employment with Black Rock for other efforts. Positive attitude and motivation will be weighed greatly and is a must for any position with our company.  Opportunities include assisting with RMF efforts on Industrial Control System projects, as well as assisting with Cybersecurity Maturity Model Certification (CMMC) and the Defense Federal Acquisition Regulation Supplement (DFARS) 7012 compliance.  You must be willing to travel 25% for any position with Black Rock, as many of our customer’s sites are spread out.
 

Qualifications:

  • Security+ or CISSP
  • Computing Environment certification such as Linux+, CCNA or Microsoft Certified Professional
  • Active Secret Security Clearance
  • Strong hands on experience utilizing SCAP Compliance Checker (SCC)
  • Strong hands on experience utilizing multiple Security Technical Implementation Guides (STIGs)
  • Strong hands on experience utilizing ACAS/Nessus
  • Strong hands on experience utilizing DISA STIG Viewer
  • Strong hands on experience compiling results for delivery
  • Strong experience with NIST requirements
  • Experience with writing/running scripts
  • Experience with not only assessing STIGs, but also hardening, configurations and patching
  • Experience writing policy and procedure to support RMF artifacts to include control families, POA&Ms, Risk Assessments, Implementation Plans and Security Plans
  • Ability to present and brief leadership and customer
  • Ability to work in environment with little supervision while understanding how to prioritize and stay engaged

 

Preferred/ Desired Skills:

  • System Administration experience in an enterprise/Active Directory Environment, to include setting up groups, auditing, separation of duties, and other NIST principles.
  • Past experience in DIACAP a plus
  • Cisco and/or Juniper experience
  • LogRhythm experience
  • Willingness to travel 25%
  • CISSP
  • HBSS experience
  • eMASS experience
  • Bachelor’s degree in Computer Science, IT or Business Management
  • 5+ years of experience in Cybersecurity