Cyber Security Specialist

Who We Are:

• CAE Vision: Our vision is to be the worldwide partner of choice in defense and security, civil aviation, and healthcare by revolutionizing our customers' training and critical operations with digitally immersive solutions to elevate safety, efficiency and readiness.
• CAE Defense & Security Mission: CAE's Defense and Security business unit focuses on helping prepare military customers to develop and maintain the highest levels of mission readiness.
• CAE Values: Empowerment, Innovation, Excellence, Integrity and OneCAE make us who we are and we strive to make a difference in the world while helping each other succeed.

What We Have to Offer:

• Comprehensive and competitive benefits package and flexibility that promotes work-life balance
• A work environment where all employees are valued, respected and safe
• Freedom to succeed by enabling team members to deliver, take initiatives and make decisions
• Recognition, professional development, advancement and having fun!

Summary

The Cybersecurity Specialist implements the Risk Management Framework for assessment and authorization of cloud based applications and simulator training systems. The primary role of the candidate is to ensure compliance with National Institute of Standards and Technology (NIST) Special Publications (800 -37, 800-53, 800-171) and Department of Defense (DoD) Instructions 8500.01 Cybersecurity and 8510.01 Risk Management Framework. The Cybersecurity Specialist requires ability to develop plans and procedures, conduct vulnerability and compliance scanning, assess and implement security controls, and develop plans of actions and milestones to resolve information security vulnerabilities. The candidate's role is to support the Information Security staff in the continuous monitoring of information systems ensuring that the authorized security posture is maintained.

Essential Duties and Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Maintain a clear understanding of NIST and DoD Cybersecurity and Information Assurance instructions
• Assess and implement operational, management and technical security controls and make recommendations and proposals for correcting deficiencies; develop compensating controls for information security deficiencies
• Assist with developing or updating of Information Security related plans, procedures, work methods and documentation
• Review current programs and define the steps needed for meeting the applicable cybersecurity and information assurance instructions. This includes detailed planning of all aspects of IA Compliance
• Conduct information security vulnerability and compliance scanning using the DoD's Assured Compliance Assessment Solution (ACAS) (Tenable Security Center and Nessus Software)
• Produce information security vulnerability scanning reports and develop Plans of Action and Milestones (POA&Ms) to resolve information security vulnerabilities
• Support, monitor, test and troubleshoot hardware and software cybersecurity issues and patches
• Apply computer changes to comply with DoD Security Technical Implementation Guides (STIGs)
• Application of DoD Information Assurance Vulnerability Management Program (IAVM)
• Work closely with information technology staff to define required tasks to be accomplished to meet IA instructions
• Work closely with customers to define program IA requirements.
• Writing Information Assurance documents to define plans and scope of IA requirements.
• Write Proposal sections to explain how CAE will meet IA instructions.
• Operating system level setup of computers to implement controls and apply patches to eliminate vulnerabilities.
• Perform other administrative functions/duties as assigned

Qualifications and Education Requirements

• B.S. degree in Computer Science, Computer Engineering, Information Technology, Electrical Engineering or other technical equivalent

• two years of related experience, or an equivalent combination of education and related experience. USAF experience highly desired.

• DoD 8570.01-M Information Assurance Technical level II (IAT II) Certification
• Familiarity with DFARS 252.204-7012 Safeguarding Covered Defense Information requirements and NIST SP 800-171 R1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
• Familiarity with DoD's Cybersecurity RMF Assessment and Authorization processes
• Familiarity with NIST SP 800-37 Guide for Applying the Risk Management Framework and NIST SP 800-53 R4 Security and Privacy Controls for Federal Information Systems and Organizations
• Prior experience in operating system setup and updates to apply patches to mitigate information security vulnerabilities.
• Related skill areas should include technical writing and presentation skills.
• Excellent written and verbal communication skills are required. Analytical and mathematical modeling ability.
• Ability to read, analyze, and interpret professional journals, technical procedures, or governmental regulations.
• Ability to write reports, business correspondence, and procedure manuals.
• Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems.
• Should be familiar with and able to support Engineering or Operations staff on any type and sub-component of training devices.
• The types of devices that will be encountered include full flight motion devices, maintenance training devices, and fixed base training devices.
• Ability to travel domestically and internationally
• At least one certification must be from this list: CCNA Security, CySA, GICSP, GSEC, Security+ CE and SSCP
• DUE TO U.S. GOVERNMENT CONTRACT REQUIREMENTS, ONLY U.S. CITIZENS ARE ELIGIBLE FOR THIS ROLE.

Security Responsibilities

Must complywith all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources.

* Incumbent must be eligible for DoD Personal Security Clearance

Work Environment and Physical Demands

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

• Work is performed in an environment where irritants such as noise from telephones, temperature and lighting variations may exist, but there is little chance of injury, accident or occupational health problems.
• Works at job activities that require sitting, standing or walking for short periods throughout the day and focused visual concentration or focused listening
• Moderate to high levels of stress, associated with technical, schedule, and customer issues are to be expected with this position. Extended work hours and possible 2nd and 3rd shift assignments are likely to be encountered.
• May be required to sit down for long lengths of time.
• May be required to climb stairs.
• Must be able to travel CONUS and to International sites and work overtime as necessary
• Must be able to climb stairs to enter and exit a simulator

Salary Range: $91,500 to $106,800

The actual compensation rate is subject to the evaluation of the following factors (but not limited to): the candidate's work experience, qualifications, skills, internal equity, and market.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice.

CAE USA Inc. is an EOE/AA employer and gives consideration for employment to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If you'd like more information about your EEO rights as an applicant under the law, please click here Know Your Rights: Workplace Discrimination is Illegal.

PAY TRANSPARENCY NONDISCRIMINATION PROVISION The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.