Risk Management Engineer
OBXtek Inc. is an established, award-winning, service disabled veteran owned business providing information technology and professional management services to the federal government. Our corporate growth has coincided with our investment in our employees as well as in outreach to our civilian and military community.
OBXtek supports the State Department Bureau of Consular Affairs ISSO. The Bureau of Consular Affairs (CA) has three main areas: American Citizens, Passports, and VISAs. Each area develops applications, which require certification and accreditation.
OBXtek is looking for a candidate to perform the Risk Management Engineer (RME) functions as an information system security testing subject matter expert (SME) by providing expertise in developing and implementing security testing for multiple Consular Affairs/Consular Systems and Technology (CA/CST) systems during the Annual Control Assessments (ACAs).
In addition, the RME tracks and reports status, and brings any obstacles that may impact the completion of the ACA to the attention of the Project Manager and Team Lead in a timely manner. The RME ensures that ACA packages are submitted to the State Department Information Assurance (IA) Office and follows up to ensure IA approval of ACAs prior to fiscal year end. The RME has the roles indicated below and completes any other duties as assigned by the Project Manager (including RMF 1-3 duties):
The Risk Management Engineer is responsible for conducting and completing Annual Control Assessments (ACAs) for all Department of State Consular Affairs (CA) / Consular Systems and Technology (CST) Automated Information Systems (AIS) as part of continuous monitoring. This responsibility requires the engineer to complete work in a timely manner, conduct technical testing (e.g., verification of security compliance in Internet Information Services [IIS], Oracle and MS SQL Server databases, Windows and Linux platforms), and interview various government employees and contractors.
This position requires a working knowledge of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53A and previous experience with the technical security testing of various types of software. The RME should be familiar with Commercial-Off-The-Shelf (COTS) products used to facilitate the Assessment and Authorization (A&A) of systems. The RM Engineer is responsible for entering all ACA results into the Consular Affairs Certification and Accreditation Management System (CACAMS) COTS application and creating Plan of Action and Milestones (POA&M) items that result from the ACA so that they are actionable with realistic dates.
The RME also has the POA&M reviewer role, which is responsible for analyzing and assisting in the remediation of all Plan of Action and Milestones (POA&M) items for all systems within the CA/CST. This responsibility includes identifying, with the stakeholder, POA&M items that can be resolved, gathering artifacts, and reporting open and closed POA&M items in a clear and concise manner. The POA&M reviewer interacts with various teams including government, operations, and development to reduce the number of findings. The POA&M reviewer also conducts POA&M reviews of Certification findings prior to submission to IA.
Must have an Active Top Secret Clearance
CAP Certification (Must obtain within 6 months of being hired)
Bachelor's or Master's degree in Computer Science, Information Technology, or related field.
Able to navigate through the Operating System (OS)
Able to run and/or create SQL scripts
Able to review and interpret scan results
5-10 years relevant experience
2 years of experience within the field of IT security.
Proficient writing and communication skills.
Knowledge of FISMA Compliance and NIST guidelines including Risk Management Framework, SP 800-53, and SP 800-53A.
A technical understanding of IT security as it relates to network, application, and database security.
Knowledge of security compliance processes.
Ability to complete manual checklists (IIS, SQL, Linux, Oracle, etc.).
* CISSP or other related IT security certifications.
Headquartered in McLean, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is Our People…Our Reputation. Our people are trained professionals who enhance our customers’ knowledge and innovation using technology, collaboration, and education.
We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more.
As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.
OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law.
Equal Opportunity Employer/Veterans/Disabled
OBXtek Inc. is a 10-year old, established, award-winning, service disabled veteran owned business providing information technology and professional management services to the federal government. Our corporate growth has coincided with our investment in our employees as well as in outreach to our civilian and military community.
Provide our federal government customers with exceptional value in information technology, program and project management, and other professional consulting services to support their mission.
Provide our employees the authority to think freely and act independently.
Exceed our customers' and partners' expectations to maximize referrals and grow our business.
Ensure company growth is based upon sound financial and management principles.
Maintain our small business values while providing big business results.
Provide competitive pricing to our customers by controlling costs.
Increase OBXtek business by developing trusted teammates.
Our hiring process is generally as follows:
* Our recruiting team will review and screen your resume.
* If your skills and background are a match, you will receive an email and/or a call to discuss the job and your skills.
* After the screening, the recruiter will forward you to the Program/Project Manager for the job you are interested in pursuing.
* The manager will review and work with the recruiter to schedule an interview - either in person or on the phone.
* Depending on the contract, our PM might also schedule a technical interview.
* If all goes well, the PM will ask the recruiter to make an offer for the position and an emailed offer will be sent to you.