Cyber Systems Engineer - Project Engineer

As a Cyber Systems Engineer - Project Engineer at ASG, your main responsibilities will involve collaborating with project managers and developers for the implementation of cybersecurity solutions like Splunk, conducting assessments of contractor performance, and developing vital acquisition documentation. You will work closely with stakeholders to ensure compliance with federal cybersecurity regulations while participating in design reviews and providing technical feedback. Your role is pivotal in enhancing the Information Assurance posture of our national customer.

To qualify for the Cyber Systems Engineer - Project Engineer position at ASG, candidates need 12 to 15 years of experience with a Bachelor’s degree, or 10 to 13 years with a Master’s, or 8 to 10 years with a PhD. Additionally, a TS/SCI clearance with Polygraph is mandatory, along with DoD 8570 certification in either IAT or IAM. Strong communication skills and attention to detail are equally important for this role.

While certain certifications are required, such as DoD 8570 IAT or IAM, desirable qualifications for a Cyber Systems Engineer - Project Engineer at ASG include advanced IA certifications like CISSP or CASP. Familiarity with the Risk Management Framework (RMF) and experience in briefing senior personnel also enhance your profile for this pivotal role.

Absolutely! ASG is dedicated to your professional development as a Cyber Systems Engineer - Project Engineer. The company provides ongoing training, tuition reimbursement, and a supportive work environment that encourages career advancement. Your contributions to enhancing national cybersecurity will not only be recognized but rewarded as you grow within the organization.

At ASG, the work environment for a Cyber Systems Engineer - Project Engineer is collaborative and engaging. You’ll work in a fast-paced setting alongside dedicated professionals focused on enhancing cybersecurity. The culture here promotes teamwork, innovation, and open communication, making it a rewarding place for your career to flourish.

Certainly! In my previous roles, I have actively participated in implementing Splunk to enhance cybersecurity operations. My experience includes configuring data inputs, creating dashboards, and leveraging its capabilities for real-time threat detection and analysis. I always ensure to work closely with stakeholders to align on requirements and optimize the platform's functionality to meet organizational needs.

Staying updated on cybersecurity regulations and best practices is crucial. I regularly follow industry publications, participate in webinars, and engage in professional networks. Additionally, I am a member of multiple cybersecurity associations, which offer valuable resources and insights into emerging threats and compliance requirements.

In my previous role, I led an assessment of contractor performance focusing on established evaluation criteria, such as timeliness of deliverables, adherence to security protocols, and stakeholder feedback. I compiled quantitative metrics along with qualitative observations to present a comprehensive review to management, ensuring alignment with project goals and regulatory standards.

My approach to risk management in cybersecurity involves using frameworks such as NIST and ISO/IEC 27001. I prioritize risks based on their potential impact and likelihood, implementing mitigation strategies accordingly. Regular risk assessments and updates to our risk management policies are key to keeping the organization secure and compliant.

I thrive in environments with tight deadlines by maintaining organization and prioritizing tasks. I utilize project management tools to keep track of requests and deadlines, ensuring that I allocate my time effectively. Communication is key, so I regularly update stakeholders on progress and manage expectations to deliver results even under pressure.

Certainly! In a previous position, I identified inefficiencies in our vulnerability management process. By proposing a streamlined workflow that included automated scanning and reporting, I reduced identification time by 50%. This allowed our team to focus on remediation efforts rather than just identifying vulnerabilities, greatly improving our overall cybersecurity posture.

I have extensive experience applying the RMF in various projects, from categorizing information systems to conducting security assessments and continuous monitoring. Understanding and executing the RMF process has allowed me to ensure compliance with federal guidelines and enhance the overall security framework of the organizations I've worked with.

When advising stakeholders on cybersecurity risks, I employ a risk assessment matrix to prioritize them based on impact and likelihood. This approach helps stakeholders understand which risks require immediate attention and which can be monitored. I also provide clear recommendations on risk mitigation strategies to facilitate informed decision-making.

Effective communication with various stakeholders requires adapting my approach based on their technical background. I achieve this by simplifying complex cybersecurity concepts into layman's terms for non-technical stakeholders while providing detailed technical breakdowns for IT personnel. Regular updates and inviting feedback is also crucial to maintaining strong relationships.

The most critical aspect of leading a cybersecurity project is establishing clear communication and aligning team objectives with organizational goals. This involves understanding stakeholder requirements, fostering collaboration among team members, and maintaining a security-first mindset throughout the project lifecycle. Engaging the team and encouraging open dialog significantly enhances project success.