Contact Us Login Home

Founded by Veterans in Hampton Roads

Company Name:
System Technology Forum, Ltd
Approximate Salary:
Not Specified
Fredericksburg, Virginia
United States
Position type:
Full Time
Experience level:
5 - 8 years
Education level:
Bachelor's Degree

Security Engineer

STF is an Equal Opportunity Employer of Minorities, Females, Veterans, and Individuals with Disabilities. The candidate will support a variety of security and engineering activities across Cybersecurity, Risk Management, Certification and Accreditation, Information Assurance oversight, technical support and documentation, as specified in the DoD Instruction 8500.01 and SECNAV Instruction 5239.3B. Primarily candidate will be expected to support data gathering, accreditation package development for systems covered under DIACAP or RMF. Candidate holding a current Navy or Marine Corps Validator endorsement may also provide validation services for specific systems and artifacts. Candidate will support laboratory device testing for impacts to performance functionality and security compliance as well as system hardening through the application of Security Technical Implementation Guides (STIG) and Security Requirements Guides (SRG). Candidate may support penetration testing events. The candidate will be responsible for the following: Author DoD IA Certification and Accreditation artifacts,  Document a system from an IA perspective using Microsoft Office including MS Word, MS Excel and MS Visio and other appropriate tools, Derive, document and/or identify system CONOPS for Mission Assurance Categorization per DoDI 8500.2, Research and recommend logical and physical solutions that prevent, detect and correct the system to be certified and accredited, Apply DISA Security Technical Implementation Guides (STIGs) and NSA recommendations, Identify disagreements between as built specifications, security requirements and DoD security policies and recommend approaches to bring the system into compliance, Author and revise system requirements and specifications to meet DoD security policies, Perform vulnerability tests as Red Team and Blue Team using manual techniques, Assured Compliance Assessment Solution (ACAS) and other similar and appropriate IA and security tools, Plan, execute and document risk assessments against known vulnerabilities based upon security approaches and known hacker techniques and exploits, Identify and perform security analysis of connectivity relationships between the subject US Naval warfare system and the equipment to which it interfaces, both physically and virtually, Lead and perform as Information Assurance Officer to be focal point for all security matters related to specific sets of information systems, Define an Information Assurance Vulnerability Management (IAVM) Plan, Plan, execute and document results of security tests. Candidates must be able to conduct themselves in a professional manner within office, laboratory, or operational military environments. Candidates should be able to periodically lift up-to 50 lbs. for short periods of time (e.g. lifting/moving laboratory equipment). Degree in a Computer Science, Engineering or Information Technology related field is desired but not required. A minimum of 5 years’ experience in analyzing and securing DoD or Information Technology systems for compliance with specifications, requirements and policies including hands on support under the application of RMF. Candidate must possess and display an understanding of computer security, military system specifications, DoD IA policies and the ability to communicate clearly and succinctly in written and oral presentations. Minimum of a DoD 8570.01-M IAT Level II certification (e.g. Security+, CISSP, etc.) AND computing environment (e.g. Windows, Linux, Cisco, etc.) certification or training. Certification meeting IAT Level III or IAM Level II is desired.


Please apply on our website: