Overview **Your Future at M.C. Dean** We're seeking people driven to excellence and inspired to have a meaningful impact powering, automating, integrating, and securing the world’s most critical infrastructure and facilities. This translates into fulfilling opportunities for employees driven to excel in a meaningful career. As an employee at M.C. Dean, you will join forces with more than 5,800 professionals who engineer and deploy automated, secure and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability. Together, we transform the way complex, large-scale systems are designed, delivered, and sustained–enhancing client outcomes, improving lives, and changing the world for the better. We are seeking a **Cybersecurity Specialist 2** to join our **Security and Electronic Systems (SES)** business Unit. As part of **(SES)** Strategic Business Unit you will be part of a team that designs, engineers, integrates, operates and maintains electronic security services inclusive of intrusion detection, access control, biometric authentication, video surveillance, audio visual, it systems, perimeter defense and command and control systems for federal, local and commercial customers across high-growth markets. Responsibilities **Information Security Systems Engineer Position Summary** In this position you will work on developmental and operational teams responsible for system security engineering services of developmental and operational systems for our federal government client in a highly secure and sensitive environment. + Working closely and supporting team members, vendors, and government customers + Implementing DoD Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems + Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process + Conducting ICS/SCADA system inventories following DoD guidance + Conducting vulnerability scanning and document system vulnerabilities + Supporting ISO standardization and Quality inspections + Participating in continuous improvement of organizational cybersecurity posture + Provide system security engineering services and/or products to ensure secure reliable and uninterrupted availability of the Sponsor's developed and deployed systems and networks. + Provide core security engineering principles are implemented into assigned programs information systems architecture. + Perform analysis and evaluation to design, implement, test and field secure systems, networks, and architectures. Work closely with the architects, engineers, and developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policy and enterprise solutions. + Enforce the design and implementation of trusted relations among external systems and architectures. + Assess and mitigate system security threats/risks throughout the program life cycle. + Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. + Review assessment and accreditation (A&A) documentation, provide feedback on completeness and compliance of its content. + Apply system security engineering expertise in the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing. + Provide security requirements to architects, engineers and developers. + Verify systems implementation and provide mitigation recommendations to facilitate secure systems for A&A and Continuous Monitoring support. + Serve as the security subject matter expert for the A&A and Continuous Monitoring processes. + Provide guidance to the System Owners and System Teams and recommend implementation strategies. + Support the Government to resolve conflicting system security engineering requirements. Qualifications **Clearance/Citizen Type:** Applicants selected will be subject to a government security investigation and may meet eligibility requirements, including U.S. Citizenship, for access to classified information; **ACTIVE TS/SCI w/ POLY REQUIRED** **Education:** + 0+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity + 2+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity + 6+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity + 8+ Years with a High School Diploma **Required Progressive Experience:** + Working with industry and government agencies on the design of platforms and integrated systems + Working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.) + Proficiency with ACAS and HBSS and mitigation strategies + Developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data + Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS + Establishing, managing, and tracking of Plan of Action & Milestones (POA&M) + Applying STIGs to servers, databases, applications, and other hardware Security Readiness Review (SRR) Tools (scripts and ACAS) + Ability to identify, maintain, and troubleshoot control network components + Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation + Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility + Working knowledge of operational control systems and implementing a variety of security assessment tools + Working knowledge of other operational control systems + Familiarity with DoDIN CCRI/CCORI and CYBERCOM TASKORDS Familiarity with various industry products **One of the Required Certifications:** + CASP CE CISSP CISSP – ISSAP CISSP - ISSEP CSSLP CISA CISM GCED GCIH **Also needed:** + Strong Oral, Written and Presentation Skills with the ability and experience communicating directly with Customers + Demonstrated background working with multidisciplinary teams + Demonstrated time management and organization skills to meet deadlines and quality objectives + Strong MS Excel, Word, PowerPoint, AUTOCAD, Cameo and Visio Skills is a plus. **What we offer:** + A collaborative team inspired by the way engineering and innovation enhance customer outcomes, improve lives, and change the world for the better. We are driven by our core values of agility, expertise, and trust. + An opportunity to lead and build a business with the support of an industry-leading firm that has been in business for 75 years. + Investment in your skills and expertise through a combination of professional and technical training programs, including leadership training and tuition reimbursement. + Open and transparent communication with senior leadership as well as local office management. **Abilities:** + Exposure to computer screens for an extended period of time. + Sitting for extended periods of time. + Reach by extending hands or arms in any direction. + Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard. + Listen to and understand information and ideas presented through spoken words and sentences. + Communicate information and ideas in speaking so others will understand. + Read and understand information and ideas presented in writing. + Apply general rules to specific problems to produce answers that make sense. + Identify and understand the speech of another person.