View all jobs

Certification and Accreditation Engineer

Aberdeen, MD · Information Technology
recruvo LLC is seeking a C&A Engineer to support a newly awarded contract in Aberdeen, MD. Candidate must have an active Top Secret/SCI Clearance. This is a full time position with benefits.
The C&A Engineer will be responsible for gathering information necessary to validate system security accreditations and to validate functioning security measures internal to these information systems.  The C&A engineer will define, create and maintain the required C&A documentation for each information system in accordance with requirements. The C&A engineer will also assess the impacts of system modifications and technological advances on program project associated information systems.

The C&A Engineer will have a minimum of a bachelor's degree in computer science, mathematics, engineering or five years of comparable work experience with a qualifying Information Assurance certification, such as CISSP, CISM, CAP, or ISSEP in accordance with DoD 8570.1. 

  • Writes comprehensive security analysis reports including assessment-based findings, outcomes and enter this data into DoD Information Assurance Management data bases for evaluation by Authorizing Officials to support the receipt of a Authority to Operate (ATO) for the systems.
  • Describes, tests and validates security measures active on security infrastructure devices for the protection of computer systems, networks and information system
  • Identifies and defines system security requirements and correlates/documents them by analysis of organizational standard security operating procedures (SOP) and protocols.
  • Determines security violations and inefficiencies through security tests, evaluations and audits.
  • Describes system security architectures and provides detailed descriptions for the security components of information systems.
  • Recommends technical solutions and new security tools to mitigate identified or potential security vulnerabilities.
  • Recommends techniques to protect system by defining access privileges, control structures, and resources required to implement these structures.
  • Achieves system security operational objectives by contributing guidance and recommendations to program/project leadership. 
  • Recommends improvements by assessing current security implementations and anticipating new security requirements.
  • Maintains system security by implementing and maintaining security controls.
  • Experience in testing and describing system security implementations
  • Extensive technical knowledge of database and operating system security
  • Awareness of the capabilities of or direct experience with system security tools, including but not limited to firewalls, intrusion detection systems, anti-virus software, access validation systems, identification & authentication systems, audit log management, content filtering, information flow enforcement, and incident response procedures.
  • Experience with network technologies and with system, security, and network monitoring tools
  • Thorough understanding of the latest security controls, testing techniques, and implementation of these controls.
C&A Engineer Skills and Qualifications:
  • Information Security Policies (ICD 503, RMF, CNSSI 1253, and NIST SP 800 Series)

Share This Job
Powered by