Cyber Security Engineering Director - Hybrid DoD RMF Lead

Cyber Security Engineering Director

Fairwinds Technologies is looking for a Cyber Security Engineering Director who will support a wide range of Cyber responsibilities. The Cyber Security Engineering Director will be responsible for initiating and maintaining program System Security Plans, RMF, IT procedures, and continuously monitoring and maintaining a consistent system program security posture. The Cyber Security Engineering Director will also demonstrate extensive knowledge, experience, and expertise in the areas of cyber risk, compliance, and acquisition activities in support of DoD cybersecurity policies and objectives.

• Bachelor’s degree in cybersecurity, information assurance, computer science or a related technical discipline
• 14+ years’ experience conducting Cyber Analysis or Cyber Operations
• 7+ years’ experience with DoD telecommunications policies and procedures
• 7+ years’ experience with security‑centric data sets
• Active TS/SCI DoD Clearance
• Detailed knowledge of a Risk Management Framework (NIST RMF, NIST CSF)
• Demonstrated experience installing, managing, and operating continuous monitoring support solutions including development of metrics for reporting and auditing
• RF background, or a basic understanding of satellite communications
• Familiarity with USG DI‑MGMT‑82191
• Familiarity with the Federal Information Security Management Act (FISMA)
• Certified in accordance with the baseline certification, as stipulated in DoD 8570.01‑M (Ch4)
• Demonstrated experience participating or leading technical exchange meetings and documenting action items or results

• CompTIA Advanced Security Practitioner (CASP+)
• CompTIA Security+ CE
• Cisco Certified Network Professional Enterprise (CCNP)
• Cisco Certified Specialist – Enterprise design

• Support the formal Security Test and Evaluation (ST&E) required by program stakeholders through pre‑test preparations, participation in the tests, analysis of the results and preparation of required reports
• Provide RMF SME support in the form of stakeholder training and briefs, on progress, hurdles, and roadblocks as they arise.
• Measure program compliance with cybersecurity requirements and recommend cybersecurity program operational execution activities, processes, and practices
• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• Support & maintain an Accreditations and Expiration Dates Record on upcoming expiration of accreditations in addition to RMF‑related tasks using RMF management platforms
• Provide guidance, support, testing, and recommendations to ensure secure application release.
• Configure, run, and monitor automated security testing tools
• Assist in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews
• Apply upgrades and patches as necessary to maintain system security and compliance.
• Provide comprehensive analysis of available system security information to identify activity on customer networks and systems; detect, analyze, and recommend mitigations regarding cyber threats to the customer networks and systems; incorporate multiple alternative sources of information
• Provide cybersecurity awareness feedback and recommendations on how to improve networks and systems that are currently deployed or under development by the customer, including information related to timelines of incidents and their impacts
• Review threat activities based on available sources of information and then identify/correlate events and activities; support ongoing processing of each activity
• Develop dashboards and reports to support the program’s oversight and measures of its cyber assets and platforms
• Be responsible for the creation and maintenance of the program’s Cyber Security Vulnerability Report, DI‑MGMT‑82191
• Ensure program compliance with USG memorandum titled, “Cyber Security in Army Acquisition Programs”

This is a full time, exempt position.

Must be a U.S. citizen with the ability to possess a valid U.S. DoD TS/SCI security clearance.

Fairwinds Technologies, LLC is an Equal Opportunity Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity.

At Fairwinds, we consider many factors when it comes to compensation, including the scope of the position as well as your background and experience. Base pay may vary depending on job‑related knowledge, skills, location and experience. Additional incentives may be provided as part of the compensation package, in addition to a range of medical, financial, and/or other benefits.