Job Requirements
Herndon, VA
Top Secret/SCI Full Scope Polygraph
Mid Level Career (5+ yrs experience)
Salary not specified
Job Description
The Sponsor's office is working to accelerate mission delivery and connect mission partners with the power of commercially-driven cloud computing. The Sponsor brings multi-cloud solutions to mission environments, supporting cloud services providers (CSPs), and offering cloud services across multiple networks.
The Systems Engineer shall ensure that all development and modifications to existing Sponsor applications comply with Sponsor's security and architectural policies and regulations. They shall be required to communicate and collaborate across organizational boundaries, to include other contractor teams.
Responsibilities
- In conjunction with the Sponsor's office, manage security assessment, security compliance, change management, and continuous monitoring activities, including associated program management functions across 4 cloud services providers: Amazon Web Services, Google Cloud, Oracle Cloud, and Microsoft Azure
- Assess cloud security technologies for security gaps and weaknesses according to industry standards
- Analyze security scan findings and perform risk analysis on the findings
- Review cloud security body of evidence packages for completeness and accuracy
- Collaborate with other internal components and security peers to determine security and potential weaknesses of cloud infrastructure and cloud services
- Advise Sponsor leadership on cloud security services
- Analyze system alerts to determine if a security weakness exists and document risk mitigation procedures
- Sustain and evolve the Sponsor's standard operating procedures to meet Program Objectives
- Facilitate technical exchange meetings (TEMs) with cloud service providers to review cloud service architectures
- Provide program management support including project planning, task tracking, milestone management, and resource coordination to ensure timely delivery of all contract requirements
- Develop and maintain program metrics and performance indicators including security assessment completion rates, finding remediation timelines, compliance status dashboards, and other key performance indicators as directed by the Sponsor
- Respond to Sponsor inquiries and requests for information within established timelines, providing accurate and complete technical and programmatic information
- Prepare periodic program highlights, status reports, and briefing materials for Sponsor leadership summarizing program activities, accomplishments, issues, and upcoming milestones
- Support ad hoc taskings from the Sponsor including research, analysis, documentation, and coordination activities as required to meet emerging program needs
- Maintain regular communications with the Sponsor through scheduled status meetings, written reports, and other communication channels as established by the Sponsor
Requirements
- TS/SCI FSP Clearance
- Demonstrated experience facilitating TEMs with cloud service providers to review cloud service architectures
- Demonstrated experience maintaining assessment and authorization (A&A) packages across multiple services or systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253 requirements
- Demonstrated experience designing, implementing, assessing or reviewing systems that utilize cloud technology with either Amazon Web Services, Oracle Cloud, Google Cloud, or Microsoft Azure cloud architecture
- Demonstrated experience utilizing or reviewing cross domain technology and common architecture designs
- Demonstrated experience with continuous monitoring requirements to include scan analysis for critical or high findings with common scan tools such as Rapid7, Nessus, and Qualys
- Demonstrated experience creating, monitoring, or closing system or service Plan of Action and Milestone items (POA&Ms)
- Demonstrated experience utilizing compliance tools to track assessment and authorization activities such as Xacta 360, Risk Vision, RSA Archer
- Demonstrated experience with the common control provider concept within the NIST Risk Management Framework
- Demonstrated experience with security control assessments to include working with SCAs and preparing security packages for SCAs
- Demonstrated experience conducting information system security engineering activities
- Demonstrated project management experience including project planning, task tracking, milestone management, and resource coordination
- Demonstrated experience developing and maintaining program metrics, performance indicators, and compliance status dashboards
- Demonstrated experience preparing technical reports, program highlights, status briefings, and leadership communications
Desired Skills
- Demonstrated experience using the Sponsor's or IC element A&A process
- Demonstrated experience creating or reviewing A&A body of evidence documentation in a cloud security environment
- Demonstrated experience identifying, implementing, or reviewing appropriate information security controls
- Demonstrated experience working in Xacta 360
- Demonstrated experience with Sponsor's A&A tools
About Us
For more than 20 years, NewGen Technologies has solved our clients’ toughest IT challenges with integrity, security, and outstanding service by delivering both technology and talent. We have helped secure borders, have used artificial intelligence (AI) to fight terror, aided the identification of criminals, and have helped to prevent crime through the introduction of biometrics. Our team of Highly Cleared Specialists has hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance.