Level ExperiencedJob Location SBG San Diego - San Diego, CAPosition Type Full TimeEducation Level Graduate DegreeTravel Percentage NegligibleJob Shift DayJob Category Cybersecurity
Description
SBG Technology Solutions, Inc. is seeking an experienced Senior Cybersecurity Engineer to join our team in San Diego, CA. You will apply knowledge and expertise to perform technical engineering support for the Undersea Communications and Integration Program Office (PMW 770). You will apply knowledge and expertise to perform technical engineering support to acquire security engineering, Model-Based System Engineering (MBSE), and systems engineering support services associated with the development, procurement, fielding, integration, modernization, and sustainment of the various submarine communications programs of PMW 770 and Nuclear Command, Control, and Communications (NC3) programs or commands with direct ties to PMW 770 programs or the NC3 Lead Capability Integrator (LCI) role including but not limited to the following organizations:
Naval Information Warfare System Command Chief Engineer (NAVWAR 5.0)
United States Strategic Command (USSTRATCOM)
Commander Submarine Force (COMSUBFOR)
NC3 Enterprise Center (NEC)
Naval Information Forces (NAVIFOR)
DUTIES AND RESPONSIBILITIES:
Gather system’s documentation and build out the system’s model.
Plan, implement, upgrade and/or monitor cybersecurity measures to improve cyber defense and maintain a cyber-resilient network.
Assess cybersecurity vulnerabilities for risks and propose and implement remediation actions or risk mitigation strategies.
Ensure appropriate security controls are in place that will safeguard digital files and electronic infrastructure.
Respond to computer security breaches to re-establish protections and make required reports.
Oversee, evaluates and supports the documentation, validation, and accreditation processes necessary to ensure new and existing information technology (IT) systems meet the organization’s information assurance (IA) and security requirements. Ensures appropriate treatment of risk, compliance and monitoring assurance from internal and external perspectives.
Serve as the Information Systems Security Engineer (ISSE) and Information Systems Security Officer (ISSO) to ensure a common security engineering approach and cybersecurity situational awareness across the PMW 770 programs throughout the programs’ acquisition lifecycle.
Ensure all PMW 770 IT systems comply with the RMF process.
Prepare and submit RMF artifacts using eMASS and Xacta IA Manager Databases and recommend initiatives to move from compliance- based security methodologies to threat-based security methodologies such as Cyber Ready.
Develop and/or implement enhanced security solutions and strategies, Information Security (INFOSEC), Communications Security (COMSEC) and Transmission Security (TRANSEC).
Identify and adhere to the cybersecurity policies and guidance governing the acquisition, development and implementation of enhanced capabilities to include Software Defined Networks (SDNs), Software Defined Radios (SDRs), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Zero Trust Architecture, INFOSEC, COMSEC, TRANSEC, Controlled Interfaces (CIs), Multi-Level Security (MLS), Multiple Independent Levels of Security (MILS), and other emergent cybersecurity solutions.
Draft white paper to identify emergent policy and guidance that impact system requirements and proposed design and integration options, including justification for recommendation of unique enhanced security solutions.
Provide a manageable level of risk to the operational security infrastructure as described in the A&A documents (e.g. Preliminary Design Review (PDR), Critical Design Review (CDR), New Policy, ECR, Trouble Reports).
Address resiliency initiatives and cybersecurity in both the early planning process through system development and continuous upgrades.
Prepare, review, and update the system certification, accreditation, security evaluations, and assessments by ensuring compliance with the Spectrum Management Certification Plan, System Security Plan (SSP), Continuous Monitoring Strategy, Platform IT Requests, Security Assessment Plan (SAP), cyber risk analytics, test procedures, reports and other documentation in accordance with the program schedule and in compliance with the DFIA.
Develop the SSP in accordance with the detailed program schedule.
Conduct Information Assurance Control (IAC) assessments to include identification of baseline controls, control tailoring, Gap Analysis, Common Control Identification, and Inheritance analysis, in accordance with system requirements, applicable policies, and IA/CS TA Standards. Prepare standard rationale to document non-applicable security controls.
Identify risks and impacts in priority order using the MBSE. Provide recommendation for end-to-end cyber effects and cyber compromise impact analysis using the MBSE and report risk impacts and inform other risk assessments.
Assist the APM to fully address cybersecurity in both the early planning process through system Milestone C and spiral upgrades. Review technical documentation to identify cybersecurity design issues and secure engineering solutions.
Review cybersecurity and physical security requirements for new ship construction in compliance with the DFIA. Review system level documents including the SICD, FRD, SSS, SRS, SWRS and SSDD to assure cybersecurity is properly integrated.
Review Security Policies for consistency with the DFIA identifying applicable security controls, derived cybersecurity requirements, and acquisition constraints. Review the PPS baseline and provide recommendations ensuring that the systems comply with security policies.
Adhere to the implementation of the SSP in accordance with the detailed program schedule and provide guidance to the engineering team on documenting and implementing DISA STIGS and IACs.
Review cybersecurity testing to validate the risk assessment, identify fixes, and propose mitigations for identified vulnerabilities. Propose standardized mitigation statements when possible. Review and/or conduct Covert Channel Analysis to identify covert channel bandwidth potentials. Review continuity plans to ensure program compliance with cybersecurity policies and IMS.
Draft and update white papers or actual documents for the IAC Gap analysis; DFIA; program compliance with the Undersea Cybersecurity Implementation Strategy and recommendations; cybersecurity design issues and recommended solutions; systems’ cybersecurity and security policies and requirements; assessment of proposed PPS changes; identifying emergent requirement and assessment of program impact; covert channel analysis, findings and recommendations; input to acquisition strategy; input to test and evaluation strategy; input to contracting documents; cybersecurity strategy; Program Protection Plan (including Critical Program Information and Criticality Analysis); Security Classification Guide; Office of Naval Intelligence (ONI) Commitment Plan; ONI Assessment and Authorization Process; and input to briefings and presentations.
Coordinate and participate in Technical Interchange/Exchange Meetings (TIM/TEM), cybersecurity tabletop assessments, and similar collaboration events between the development engineers and principle enhanced capability stakeholders. The stakeholders include, but not limited to, PMW 130, U.S. Fleet Cyber Command, Commander U.S. 10th Fleet, Unified Cross Domain Management Office (UCDMO), Navy cyber Defense Operations Command (NCDOC), USSTRATCOM, NSA, Cross Domain Technical Advisory Board (CDTAB), Defense Information Assurance / Security Accreditation Working Group (DSAWG), and ONI. Capture attendees, decisions and action items in meeting minutes and track completion of action items. Liaison with NSA and ONI, including document delivery and retrieval, using the Joint Worldwide Intelligence Communications System (JWICS).
SECURITY AND PRIVACY DUTIES AND RESPONSIBILITIES
Individuals working for SBG Technology Solutions, Inc, a DSS, Inc. will be subject to security and privacy requirements as explained in HIPAA, FedRAMP, and NIST 800-53. Additionally, they are required to undergo specific FedRAMP training to ensure compliance with all associated controls and responsibilities in the day-to-day performance of their duties. Individuals working in departments that are considered to be in the high-risk category will be required to undergo advanced training based on their role and level of access. Individuals with access to modify data and the configuration baseline will require further training.
Active Top-Secret Clearance or Top-Secret Clearance, eligible.
U.S. Citizenship is required for this position.
Qualifications
QUALIFICATIONS:
Required:
Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level I (position-based) per DoD 8570.1.
Strong oral and written communication skills.
Ability to work independently with minimal direct management.
Ability to identify, prioritize, and execute tasks to meet project deadlines
Desired:
Experience working in DoD or Submarine environment.
Knowledge and application of Submarine communications, hardware and software.
Familiarity with PMW 770 programs and projects:
Common Submarine Radio Room (CSRR)
Submarine High Data Rate Antenna (SubHDR)
Outboard Electronics (OE)-538 Antenna Group
Low Band Universal Communications System (LBUCS)
Submarine Antenna Modification System (SAMS)
Fixed Submarine Broadcast System (FSBS) High Power Transmission Equipment (HPTE)
Time & Frequency Distribution System (TFDS)
Take Charge and Move Out Ground Communications (TACAMO GC)
Strategic Communications Assessment Program (SCAP) / Continuing Evaluation Program (CEP)
Shore to Ship Communications
Submarine Operating Authority (SUBOPAUTH) Command, Control & Communications (C3)
Cerberus
Very Low Frequency/Low Frequency (VLF/LF) Lead Service
Undersea Unmanned Vehicle Operation Center (UUV OC)
Education:
Required: Master’s level degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with concentration in Computer Science or equivalent.
Years of experience in a similar role:
Required: Minimum ten (10) years professional experience in cybersecurity engineering.
PHYSICAL DEMANDS:
Standing
10% per day
Sitting
60% per day
Walking
5% per day
Stooping
0% per day
Lifting
If traveling, ability to lift up to 50 lbs. unassisted (luggage, laptop etc.)
Up to 15 lbs. unassisted, several times a day (laptop, office equipment, office supplies, etc.)
Computer Work
100% per day
Telephone Work
60% per day
Reading
100% per day
Other, please specify
Travel unassisted less up to 10% per year, via aircraft or privately owned vehicle.
