Point Rock Solutions is small fast paced company where talent and teamwork are the keys to its success. At Point Rock we are proud of our strong family culture throughout the organization and we know that our employees’ success equates to Point Rocks’ success. Everyone is encouraged to reach their potential and is given opportunities for advancement. It is a place where your management team and colleagues respect and care about you and each other. We value our employees and offer benefits enhancing your time, pay, health, career, and interests.
Location: Charleston, SC
Point Rock is seeking qualified Cyber Security and Information Assurance Engineers responsible for identifying, implementing, assessing, and managing cybersecurity capabilities and services, providing leadership, team coordination, and subject matter expertise in preparing Certification and Accreditation (C&A) and/or Assessment and Authorization (A&A) packages and leverages the C&A/A&A process steps as a means for system authorization.
The cybersecurity engineer will be responsible for identifying, implementing, assessing, and managing cybersecurity capabilities and services, providing leadership, team coordination, and subject matter expertise in preparing Certification and Accreditation (C&A) and/or Assessment and Authorization (A&A) packages and leverages the C&A/A&A process steps as a means for system authorization. This includes DIACAP and/or RMF accreditation packages and artifacts generation, planning, and executing security test and evaluation (ST&E), analyzing test results, drafting Risk assessment Reports (RAR), C&A Plans, Plan of Actions and Milestones (POAM’s), Security Assessment Report (SAR), Security Assessment Plan (SAP), conduct required vulnerability analysis to support mitigation and residual risk determination, and eMASS data entry. The cybersecurity engineer must have experience with performing vulnerability scans on various Operating Systems using approved DISA tools. Experience with UNIX/Linux preferred. The cybersecurity engineer shall provide security related advice and assistance to system engineers and program managers on security related matters and develop security related procedures, policies, and technical recommendations, as required. The cybersecurity engineer must possess excellent customer service and communication abilities needed to create and present oral & written briefs along with strong problem solving skills.
Our Leesburg office is located in a HUBZONE and we are positioning to become a HUBZONE certified business. PREFERENCE WILL BE GIVEN, BUT NOT LIMITED TO, APPLICANTS WHO LIVE IN A HUBZONE AREA. Go to sba.gov and enter your address to determine if your legal residence is located in a SBA HUBZONE. If you are college student you may enter student housing address.
Interested candidates should have working knowledge of:
· Must be familiar with EMASS and C&A/A&A package entry.
· Knowledge of DoD 8500 Series Policies (DoDD 8500.1, DoDI 8500.2, DoD 8500.01, DoDI 8510.01 (DIACAP and RMF)), CNSSI 4009, NIST SP 800-53 Security Control Catalog, CNSS 1253, CNSSI 1253, and NIST Special Publication (SP) 800-53.
· DoD 8510.01 and the Department of Navy DIACAP handbook and experience developing Certification and Accreditation (C&A) documentation
· ACAS, VRAM, HBSS and WSUS familiarity
· DISA STIG
Services provided shall be in compliance with all site local and DOD Navy governing policies, DOD UCR 2013, and UC APL.
Summary of duties/qualifications:
· Review security requirements, products, configurations and cybersecurity architectures for compliance with DoD policies. Development and execution of C&A schedules and documentation.
· Development and execution of security test plans and assessing the cybersecurity risk of IT systems.
· Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
· Participate in collaboration meetings; act as a trusted agent to program managers and cybersecurity practitioners and track critical cybersecurity processes experience in assessing a network and/or systems using cybersecurity automated tools such as Nessus, SCAP, and any applicable Security Technical Implementation Guides (STIGs) in accordance with DISA requirements.
· Must be able to communicate with personnel and clients effectively.
Preferred Skills and Abilities:
· Excellent written and verbal communication, listening, and presentation skills
· Ability to work effectively and add value as a team member
· Proficient with Microsoft Office products (Word, Outlook, Excel, Visio)
· Strong problem solving skills: ability to assess a problem and determine an effective course of action.Back to Careers