View all jobs
Owl Cyber Defense is a leader and trusted partner in cyber security. We deliver solutions that protect and connect the world’s most critical networks. Owl’s product lines of cross domain, data diode, and portable media solutions provide the strongest available security checkpoints for threat prevention and secure data availability. Our in-depth expertise in security engineering at the operating system level enables us to help government and commercial customers meet ever-evolving cyber security threats.
Job Summary:
Owl Cyber Defense is a leader and trusted partner in cyber security. We deliver solutions that protect and connect the world’s most critical networks. Our in-depth expertise in security engineering at the operating system level enables us to help government and commercial customers meet ever-evolving cyber security threats.
The Security Engineer provides security engineering & cybersecurity support. They will use Security Content Automation Protocol (SCAP) as appropriate to enable the automated vulnerability management, measurement, and policy compliance evaluation of the Operating System (OS) and application software.
The Security Engineer will identify relevant STIG requirements for the target OS. The engineer should be able to run scans, analyze scan, identify items not covered by scan and come up with alternative means of meeting all security requirements.
The Security Engineer will create, and tailor Security Control Traceability Matrices (SCTM) based on the Risk Management Framework (RMF) guidance, NIST 800-53, ICD 503, and CNSSI 1253. Exposure to Cross Domain Solution (CDS) accreditation and the National Cross Domain Strategy and Management Office (NCDSMO) Raise the Bar (RTB) initiative is desirable. Experience creating artifacts supporting the RMF accreditation process is desirable.
Essential Duties and Responsibilities:
Requirements/Qualifications:
Owl Cyber Defense Solutions, LLC is a fast-growing cybersecurity solutions company, holding a firm leadership position in network security and secure information transfer. It is a privately-owned US company with offices in Columbia, MD, Danbury, CT and Morrisville, NC. For more information, see http://www.owlcyberdefense.com.
Owl Cyber Defense is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, disability, sexual orientation, gender identity, or protected veteran status.
RMF Security Engineer
Columbia, MD · Information Technology| Job Title: | RMF Security Engineer |
| Department: | Solutions Engineering |
| Reports to: | Federal Director of Installation and Support |
Owl Cyber Defense is a leader and trusted partner in cyber security. We deliver solutions that protect and connect the world’s most critical networks. Owl’s product lines of cross domain, data diode, and portable media solutions provide the strongest available security checkpoints for threat prevention and secure data availability. Our in-depth expertise in security engineering at the operating system level enables us to help government and commercial customers meet ever-evolving cyber security threats.
Job Summary:
Owl Cyber Defense is a leader and trusted partner in cyber security. We deliver solutions that protect and connect the world’s most critical networks. Our in-depth expertise in security engineering at the operating system level enables us to help government and commercial customers meet ever-evolving cyber security threats.
The Security Engineer provides security engineering & cybersecurity support. They will use Security Content Automation Protocol (SCAP) as appropriate to enable the automated vulnerability management, measurement, and policy compliance evaluation of the Operating System (OS) and application software.
The Security Engineer will identify relevant STIG requirements for the target OS. The engineer should be able to run scans, analyze scan, identify items not covered by scan and come up with alternative means of meeting all security requirements.
The Security Engineer will create, and tailor Security Control Traceability Matrices (SCTM) based on the Risk Management Framework (RMF) guidance, NIST 800-53, ICD 503, and CNSSI 1253. Exposure to Cross Domain Solution (CDS) accreditation and the National Cross Domain Strategy and Management Office (NCDSMO) Raise the Bar (RTB) initiative is desirable. Experience creating artifacts supporting the RMF accreditation process is desirable.
Essential Duties and Responsibilities:
- Create Authorization to Operate packages for Authorization Official approval to include:
- CONOPS
- SSTP
- SSP
- POA&M
- Self-Assessment Plan
- Cyber Threat Security Plan
- SCTM
- Prepare support briefings for ATO packages statuses
- Interface with Cross Domain engineers to document security control responses within required documentation
Requirements/Qualifications:
- Education
- Bachelor’s Degree in System Engineering, Electrical Engineering, Computer Science, or a computer/software engineering related field.
- Experience
- Minimum of 5 years of experience in RMF Security Engineering
- Knowledge, Skills & Abilities
- Ability to understand, interpret and make recommendations based on relevant publications (e.g., NIST 800-53, ICD-503 and DoD 8510.01)
- Requirement Definition and Analysis, System Security Architecture
- Leadership in utilizing Risk Management Framework process to enable successful approval to operate (ATO)
- Linux Operating Systems including open-source distributions, SELinux policy and embedded systems
- Security Technical Implementation Guide development and modification, and STIG remediation
- SCAP/OVAL and ACAS scanning and thorough understanding of the framework
- Previous Common Criteria
- Trusted Computing
- Penetration testing
- Test and Evaluation (T&E) and Independent Verification and Validation (IV&V)
- Capable of creating RMF documentation package to obtain ATO
- Additional Competencies/Requirements
- Candidates must hold a current TS/SCI clearance.
- This position requires onsite customer support in the Ft Meade, MD area.
Owl Cyber Defense Solutions, LLC is a fast-growing cybersecurity solutions company, holding a firm leadership position in network security and secure information transfer. It is a privately-owned US company with offices in Columbia, MD, Danbury, CT and Morrisville, NC. For more information, see http://www.owlcyberdefense.com.
Owl Cyber Defense is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, disability, sexual orientation, gender identity, or protected veteran status.