SkyePoint Decisions Inc. is seeking a highly motivated, team player to fill the role of a Cloud Security Engineer, supporting Defense Contract Audit Agency (DCAA) in Ft. Belvoir, VA. This opportunity is contingent upon contract award. DCAA provides audit and financial advisory services to Department of Defense (DoD) and other federal entities responsible for acquisition and contract administration. DCAA operates under the authority, direction, and control of the Under Secretary of Defense (Comptroller)/Chief Financial Officer.

• Monitor incoming SIPRNet traffic (email, UCCYBERCOM, JFHQ-DoDIN, DISA GNSC) for incident response, situation awareness, and threat detection
• Support the Cybersecurity organization, as required, to identify, analyze, define, develop, coordinate, implement and audit the security policies, procedures, and processes for the DCAA systems and infrastructure
• Evaluate, document, and report IT systems security posture and configuration for DCAA systems risk analysis
• Perform vulnerability management and reporting for DCAA systems and compliance with DoD Information Assurance Vulnerability Management (IAVM) policy
• Conduct wireless assessments of DCAA facilities to identify and evaluate IEEE 802.11 Wireless Access Points (WAPs) that exist within DCAA’s physical office location(s) and work with POC to determine if any rogue access points are in use
• Perform Web Application Assessments that identify web application specific vulnerabilities and assesses the security posture of selected web applications against NIST 800-53 standards, the Open Web Application Security Project (OWASP) Top Ten common vulnerabilities and DISA’s Application Development STIG
• Perform Operating System Security Assessments to assess the configuration of select host Operating Systems (OS’s) against standardized configuration baselines (DoD Secure Host Baseline (SHB) and the United States Government Configuration Baselines (USGCB)
• Conduct Database Assessments to determine the configuration of selected databases against configuration baselines to identify potential misconfigurations and/or database vulnerabilities
• Ensure that DoD Security Technical Implementation Guides (STIG) are in all applicable areas within the DCAA infrastructure and applications
• Support Cybersecurity Operations, as required, to develop monitoring, response and handling procedures for intrusion and malicious code incidents
• Tasks include conducting, supporting, and coordinating network intrusion detection events and analysis
• Using the DoD RMF in conjunction with other DoD guidance and directives, provide efficient and effective system Certification and Accreditation (C&A) support for IT systems and applications.
• Design and develop security architectures, diagrams, processes, and procedures for migrating applications from an on-premises environment to the cloud.
• Select, implement, and document appropriate security controls following the Risk Management Framework (RMF) to obtain and maintain Authorization to Operate (ATO) status for the network and its major applications.
• Design, develop, and implement security technologies to improve end-user mobility and productivity.
• Leverage new cloud security capabilities to improve security configuration monitoring and event reporting.
• Maintain all ATO documentation including System Security Plans, Risk Assessments, etc. Make sure all systems meet applicable Federal and U.S. Department of Defense standards and guidelines.
• Ability to configure, modify, and administer Azure Cloud technologies, including:
  • Azure Security Center, Sentinel, Network Watcher, Monitor, Key Vault, Active Directory, DDoS protection, Firewall, and Gateway.
  • Azure Identity and Access Management
  • Azure AD Privileged Identity Management
  • Azure AD Identity Protection (risk policies)

• Active Secret Clearance or higher
• Requires DoD 8570 (or DoD 8140) IAM Level III certification and applicable computing environment certificate in accordance with DoDD 8140.01 or DOD 8570 “Cyberspace Workforce Management” This position requires compliance with DOD 8570 IAM continuing education certification for technical administrative access to government systems. 
• Requires 7 years of progressive experience in securing, protecting, analyzing, monitoring, and implementing Cybersecurity tools.
• Demonstrated experience in Microsoft Azure security controls on production systems
• Strong knowledge of on-premises cybersecurity in a Windows computing and Cisco networking environment
• Eligible for IT Level 1 background investigation
• Shift adjustments or on-call support may be required to support operational service outages or to meet contractual service level performance requirements. 
• Must have experience leading a team.
• Expert knowledge of ACAS scanning, maintaining Cyber servers, (e.g. patching, technical troubleshooting), IAVM management, and Sourcefire Intrusion Detection System.
• Strong verbal communication and problem-solving skills

SkyePoint Decisions is an established ISO 9001:2015 and ISO 27001:2013 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customers’ technology and mission requirements to successfully deliver high quality, cost effective services on time and on budget.

SkyePoint Decisions empowers a secure dynamic workforce. We leverage our technical competencies (cybersecurity, cloud services, application development, messaging, system & network optimization and more) to provide our customers’ operating environments with the security, flexibility, availability, and operational continuity required to enable today’s on-the-go federal workforce to securely complete any mission. 

SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.