Cyber OT&E Analyst
Agile Defense, LLC | |
United States, Maryland, Fort Meade | |
Dec 02, 2024 | |
At Agile Defense we know that action defines the outcome and new challenges require new solutions. That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.
Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility-leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation's vital interests.
Requisition #: 691
Job Title: Cyber Security Engineer
Location: 6910 Cooper Avenue Fort Meade, Maryland 20755
Clearance Level: Active DoD - Secret
Required Certification(s): Advanced cybersecurity certifications (e.g., CISSP, Sec+, OSCP, CEH)
SUMMARY
We are seeking a Cybersecurity Operational Test & Evaluation (OT&E) Analyst to support the Joint Interoperability Test Command (JITC) as the lead Operational Test Agency (OTA) to perform Operational Effectiveness, Suitability, and Cyber Survivability (OESCS) of the Secret and Below Releasable Environment (SABRE). SABRE is designed to facilitate improved information sharing between the U.S. and Mission Partners (MPs) during Globally Integrated Operations (GIO), and it will be integrated as an enterprise solution to the DoD Mission Partner Environment (MPE) requirement. Utilizing the principal tenets of data-centric security (DCS) and architectural tenets of DoD Zero Trust.
As a Cybersecurity OT&E Analyst, you will work with a team responsible for all aspects of cybersecurity support to the SABRE MPE. The Cyber OT&E support involves providing support for cybersecurity and cyber survivability assessments in accordance with the Operational Evaluation Cell (OEC) and Cyber Survivability Assessment Team (CSAT) criteria. In addition, you will be responsible for assisting with the planning, executing, and reporting efforts for the following events: Cyber Tabletop (CTT), Cooperative Vulnerability Penetration Assessment (CVPA) and Adversarial Assessment (AA). Finally, you will provide technical support on SABRE-related test events, including Integrated Test Teams (ITT), Cyber Working Groups (CWGs), and Developmental/Operational Test and Evaluation (DT&E/OT&E) in the Continental United States (CONUS).
JOB DUTIES AND RESPONSIBILITIES
* In support of integrated DoD IT/NSS Cybersecurity T&E efforts, will conduct SABRE cybersecurity requirements decomposition, assist with the test planning, execution, analysis and reporting efforts for all test events. Activities Include:
* Support for Coopertive Vulnerability Assessments (CVA)
* Prepare Request for Information to support Cyber Master Evaluation Framework (CMEF).
* Identify and note any risk items that will be tracked using the Cyber Risk Tracking Matrix (CRTM)
* Prepare Rules of engagement (ROE) and Test Concept Brief for the (AA)
* Use appropriate system documentation to perform requirements analysis and make sure sufficient information is known about any new capabilities or System Under Test (SUT). Successful planning of integrated Operational Test (OT) events will include the following; must be able to: help update and develop a Data Source Matrix (DSM) for each integrated T&E event, develop a formal SUT Cybersecurity Risk Assessment (RA), prepare and provide a SUT Test Concept Brief (TCB), conduct Cyber Tabletop (CTT) create and deliver a SUT Cybersecurity Test Plan, create Test Readiness Review (TRR) slides, and compile SUT Developmental Evaluation Framework (DEF).
* Perform Cybersecurity T&E execution efforts by assisting in data collection and observe users performing the mission and/or execute operational scenarios; collect, document, and manage all test data In Accordance With (IAW) the JITC OT&E guidance for a Data Management and Analysis Plan (DMAP); leverage instrumentation and automation of data collection and management; hold daily hot washes with the user community to talk about the day's activities; socialize issues and/or problems encountered; present overall percentages of test objectives completed to date; describe the activities planned for the next day; provide daily Emerging Results Reports (ERRs); and attend actively participate in Data Authentication Group (DAG) events and activities at the end of each SUT test event.
* Perform Test Reporting by conducting data reduction, analysis, and management in IAW the SUT Test Plan. Provide a Quick Look Report (QLR) that includes initial and emerging test results and lessons learned. Create and deliver a formal SUT Test Report that includes analyzed data and conclusions, including input from all applicable test events, e.g., Developmental, Operational, Interoperability (IOP) and Cybersecurity.
* Conduct SUT Cybersecurity documentation reviews by providing in depth technical RMF reviews/comments as they pertain to SUT programmatic documentation, such as Test and Evaluation Master Plan (TEMP)/Test and Evaluation Strategy (TES), and Requirement Documentation (i.e. Information Support Plan (ISP), DoD Architecture Framework (DoDAF) Technical and Architectural Views, and identify the critical SUT requirements and NR KPP that require needed Cybersecurity T&E to ensure DoD customer and stakeholder success.
* Support an integrated IOP T&E approach in conjunction w/ OT events by completing Cybersecurity test planning efforts, executing the test event, collecting, analyzing all data, test reporting, and all other efforts required for a robust, efficient, cost-effective T&E program.
SUPERVISORY DUTIES
* Provides input to staff involved in writing and updating technical documentation. Provides guidance and work leadership to less-experienced Cybersecurity and other T&E software, hardware and integrated system engineers and analysts, may serve as a technical team or task leader. Provide cybersecurity and information assurance consultation on complex projects and be a top-level contributor/specialist; must be expert at problem-solving, identifying risk, and communicating results and recommendations.
QUALIFICATIONS
Required Certifications
* Advanced cybersecurity certifications (e.g., CISSP, Sec+, OSCP, CEH).
Education, Background, and Years of Experience
* Requires a Technical Master's Degree in a science, technology or mathematics and 6 years of related DoD system or capability Cybersecurity experience (E.g. Tactical Data Link, DoD C2, C4/5ISR, Logistics, Medical Systems, Finance or Homeland Security Systems).
ADDITIONAL SKILLS & QUALIFICATIONS
Required Skills
* Ability to assist in the development/production of DT&E, OT&E and IOP products and documents (E.g. Test Concept Briefs (TCB), Data Source Matrix (DSM), Cybersecurity Test Plans, Quick Look Reports (QLR) and Final Report Memorandum) that clearly articulates the Cybersecurity results and findings.
* 6 years experience in cyber testing is required. Cyber testing experience consisting of conducting Cybersecurity Risk Assessment (CRA), Cyber Vulnerability Identification (CVI), Cooperative Vulnerability and Penetration Assessment (CVPA), and Adversarial Assessment (AA).
* The candidate must be a U.S. Citizen and have an active DoD Top Secret (TS) security clearance. The TS Security Clearance must have been completed within the past five (5) years.
Preferred Skills
Have experience in at least one of the following IT/NSS T&E Domains besides Cybersecurity T&E:
* * Development Test and Evaluation (DT&E)
* * Operational Test and Evaluation (OT&E)
* * Interoperability Test and Evaluation (IOP T&E)
* * Integrated Test and Evaluation (Integrated T&E
* * Standard Conformance and Compliance Test and Evaluation (SCCT&E)
* * NATO/Coalition Parter Verification and Validation T&E
* Excellent organizational, coordination, interpersonal and team building skills.
Should have some experience or familiarity with at least two or more of the following Business Analytics and Intelligence Software capabilities and Automated Software Test and Analysis Tools:
* Joint Analysis Net-Centric Evaluation Testing Toolkit (JANETT)
* JITC Data Management Tool (JDMT)
* DevSecOps
* Wireshark
* IXIA T&E Tools
* Altova T&E Tools
* Spirent Tools
* ServiceNow
* LoadRunner
* NMAP
* Power BI
Should have some experience or familiarity with at least one of the following DoD IT/NSS processes and or methodologies:
* DoD Cross Domain Solutions
* DoD Endpoint Security
* Zero Trust Security Architecture
* Secure Cloud Computing Architecture
* DoD Acquisition Processes and Regulations
* DoD Architecture Framework (DoDAF)
* Net Ready Key Performance Parameters (NR KPP)
* DOT&E Guidebook and Instructions on conducting OT&E activities.
* DoD/Military Service OTA Specific Guidebook and Instructions on conducting OT&E activities.
WORKING CONDITIONS
Environmental Conditions
* Government site with 0%-10% travel possible. Possible off-hours work to support releases and outages. General office environment. Work is generally sedentary in nature, but may require standing and walking for up to 10% of the time. The working environment is generally favorable. Lighting and temperature are adequate, and there are not hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.
Strength Demands
* Sedentary - 10 lbs. Maximum lifting, occasional lift/carry of small articles. Some occasional walking or standing may be required. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.
Physical Requirements
* Stand or Sit; Use Hands / Fingers to Handle or Feel Employees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together. What makes us Agile? We call it the 6Hs, the values that define our culture and guide everything we do. Together, these values infuse vibrancy, integrity, and a tireless work ethic into advancing the most important national security and critical civilian missions. It's how we show up every day. It's who we are.
Happy
-
Be Infectious.
Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.
Helpful
-
Be Supportive.
Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.
Honest
-
Be Trustworthy.
Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.
Humble
-
Be Grounded.
Success is not achieved alone, humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.
Hungry
-
Be Eager.
Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.
Hustle
-
Be Driven.
Hustle is reflected in our relentless work ethic, where we are each committed to going above and beyond to advance the mission and achieve success.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35
(c) Apply for this job |