Security/Cyber Engineer [2020-28]

AWIPS (Advanced Weather Interactive Processing System)

ITS is seeking a highly motivated information systems security engineer for the Advanced Weather Interactive Processing System (AWIPS) Program. This individual will work under general supervision, reporting to the program Security Officer to perform a variety of technical system security related tasks. The ideal candidate has excellent system security skills, knowledge of federal system security standards and practices, experience with Red Hat Enterprise Linux (RHEL) and internetworking products, project management experience, and exhibits strong, proactive project leader qualities including excellent communication and customer-facing skills. AWIPS is central to the ability of the National Oceanic and Atmospheric Administration’s (NOAA) National Weather Service (NWS) to predict weather, water, and climate conditions. AWIPS provides NWS with the means to integrate meteorological and hydrological data into a single computer workstation. It draws data from an array of weather sensors, satellites, and numerical forecast guidance, processes and distributes the data from the 175 operational sites including Weather Forecast Offices, River Forecast Centers, and National Centers. AWIPS is the NWS’s critical system for rapid, highly reliable warnings and forecasts of weather events that affect the United States, its territories, and adjacent waters. As the NWS’ partner responsible for AWIPS operations, maintenance, 24/7 technical support, and Product Improvement, the ITS AWIPS team supports these critical operations.

Responsibilities Include:

Create security authorization packages and documentation as required by Federal security authorization guidelines described in NIST and OMB requirement documents

Analyzing system vulnerability/scan reports and CVE materials and ascertain appropriatehandling and remediation actions.

Assisting in managing system security weaknesses via Department of Commerceprescribed Plan of Action & Milestone (POAM) processes and procedures.

Providing security and system engineering inputs to development and sustainmentprojects to resolve security issues

Interacting with the system owner, the AWIPS security officer, and other team membersin the generation of security documents, including security incident reports,equipment/software inventories, technical vulnerability reports, and contingency plans.

As assigned, running security related projects including oversight of schedule andtechnical activities.

Required Skills:

Experience with Tenable Security Center Continuous View

Experience with Red Hat Enterprise Linux and the Open Source Software model

Knowledge of Federal Government Authorization processes and familiarity with NISTSP 800-53, NIST SP 800 and 500 series specifications, industry standards and best practices.

Demonstrated experience working in dynamic environments requiring ability to assess and prioritize tasks, manage time and resources to meet assigned deadlines.

Highly effective written and oral communications skills, including presentation andcustomer-facing skills.

Ability to work independently or with limited supervision, meet commitments and deliverhigh quality products as requested.

Creative troubleshooting and problem solving skills, including the ability to assess risksand opportunities and report accurately.

Ability to obtain and maintain a NACI/Public Trust (preferred existing minimum NACI/Public Trust or clearance).

Desired Skills:

Possesses a recognized Security Professional Certification (e.g. CISSP, CISM, CGEIT,CRISC, CAP, CEH).

Knowledge of applicable DOC-NOAA-NWS policies and other federal security standards (DHS 4300A / DHS 4300 B).

Demonstrates a strong understanding of the design and architecture of complex information systems and the ability to communicate operational use of those systems toothers.

Demonstrates ability to interact comfortably with Senior Leadership and/or Government Executives and staff on a day-to-day basis.

Experience with security analysis tools such as Tenable, Nessus, HP Fortify, ArcSight,

Experience with security automation tools and centralized management utilities such asPuppet, Ansible, Ansible Tower, Open-AudIT, JunOS Space and Red Hat Satellite

Working knowledge of DISA STIGs to include compliance as well as experience with OpenSCAP and DISA STIG Viewer

B.S./B.A. in Engineering, Science, or Mathematics with 4 years’ experience in System Engineering and Information Technology Security or MS/MA in Engineering, Science or Mathematics with 2 years’ experience; education in lieu of experience

Mid Level

DC metro, northern Virginia, Maryland area.

Must be U.S. Security Clearance Eligible.



U.S. Citizenship Required. An Equal Employment Opportunity employer. Please visit Equal Employment Opportunity link below for further information
Equal Employment Opportunity Information