SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to deliver their mission most efficiently and effectively – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results.

Skyepoint Decisions is a participating E-Verify Employer. 

This is a contingent position based upon customer approval and funding.

As a SkyePoint employee you will be given the opportunity to support some of our nation’s most critical information systems by utilizing not only your existing cybersecurity skills and talents, but those that you will learn in your new role. In your new role as a cyber security professional, you will protect our customer’s most sensitive data and complex systems from all forms of threats including cyber-attacks, insider threats, rogue network devices, and malicious software and applications. You will work with a team of like-minded professionals to share and collaborate upon your ideas to improve the cybersecurity infrastructure, architecture, and configuration deployments. Your ideas and contributions will matter.

What can you achieve and how you will make a difference –

• Provide the rights for any operation compliant with NIST800-53 V4 and V5 security controls for assessing and authorizing controls to operate.
• Perform, review, and conduct technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies to the team.
• Assist in conducting system testing in support of independent security assessments of security controls for systems to ensure that appropriate controls are in place and operating as designed and intended. Assessments must be performed in accordance with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) , current regulations, and other required and federal standards and regulations.
• Stay aware of system change management activities and perform manual or automated system security testing in support of analysis to ensure that none of the changes/modifications/updates introduce security risk into the environment.
• Ensure newly introduced software or asses to the system does not a change to the security posture of the system.
• Ensure a positive and productive working relationship with key stakeholders and or external agencies as applicable.
• Know and keep current with all applicable NIST, Office of Management and Budget (OMB), Committee on National Security Systems (CNSS), and other Federal Information Technology Security mandates, how these mandates tie into IE security operations, and the impact of the security requirements on agency systems and mission.
• Validates and verifies system security requirements definitions and analysis and establishes system security designs for controls.
• Assesses and mitigates system security threats/risks throughout the program life cycle.
• Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
• Develops and executes Security Test Plan (STP) in close cooperation with team members.
• Upon execution, provide the necessary reports to the A&A team.

The Talent You Bring with these Qualifications 

• Bachelors degree or equivalent experience (7+ years of prior relevant experience)
• U.S. Citizenship
• Must be able to obtain and maintain a DHS public trust
• Must be able to obtain and maintain a Top Secret clearance, active clearance preferred
• 8+ years of experience working in the role of Systems Security Engineer assisting assessments, applying security controls, and modifying system configurations based on assessment findings.
• 3+ years of experience in working with NIST RMF for A&A
• Expert knowledge of the NIST RMF and A&A processes.
• Experienced at engineering security controls to systems and security tools when required as a result of and in support of Assessment and Accreditation activities across the IT enterprise
• Proven success implementing and working with the following systems security tools currently in use and/or planned for future use: Splunk, GRC tools (CSAM, ServiceNow, etc.), and Tenable.
• Working knowledge of NIST800-53 V4 and V5 security controls
• Proven experience utilizing A&A tools for updates of security controls, documentation, reporting, and alerting on non-compliance.
• Evidence of establishing and updating the systems environment(s) for analysts conducting multiple independent security assessment of security controls in accordance with a client’s Risk Management Framework, current NIST regulations, and other required and federal standards and regulations for client systems.
• Working knowledge applicable NIST, Office of Management and Budget (OMB), Committee on National Security Systems (CNSS), and other Federal Information Technology Security mandates

Applicants selected for this position must be able to obtain and maintain both a Top Secret clearance as well as obtain and maintain a DHS public trust clearance, and background screening. Applicants selected for a security clearance will be subject to a security investigation and must meet eligibility requirement for access to classified information.

• Ability to implement when required systemic and automated repeatable processes for continuous monitoring and on-going authorizations consistent with NIST guidance
• Experience with system hardening
• Security architecture, engineering, and A&A experience
• Experience with System Security Plans, Security Compliance Traceability Matrix
• Security Test Plans, Plan of Action & Milestones

What We Can Offer You - 

• Great Benefits: >70%-80% of medical premiums cost share paid by SkyePoint, several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, ST/LT Disability, Life Insurance, floating federal holiday options, and 401k matched
• Certification Incentive Program

• Paid Referral Program 

• Corporate Sponsored Community Engagement (Giving Back) events every quarter
• SkyePoint DoD SkillBridge Industry Partner Fellowship Program

• SkyePoint Professional Growth Programs (Internal Training and Mentoring)
• SkyePoint Azure Development Environment available to all Developers and technical staff to develop solutions for customers and/or to create innovation to win new business 

• SkyePoint Professional Sports Ticket Perks, Quarterly Employee Morale Lunches, and Semi-Annual team-building events
• Flexible Work Environment

SkyePoint Decisions is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 (with SAM) for Services. We possess a common vision of excellence and foster a collaborative team culture built upon individual performance and accountability. We invest in our people and systems to create value for our clients. It is the SkyePoint Way. We are grateful for the opportunity to work with exceptional people and give back to the communities we serve. Our employees value the flexibility at SkyePoint that allows them to balance quality work and their personal lives.

As a federal contractor, SkyePoint is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.

SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.