Job description

Overview M.C. Dean is seeking a highly skilled Cybersecurity System Administrator to support a secure operational technology environment by integrating advanced system administration with proactive cybersecurity operations. This dual-role position requires an individual with both hands-on technical expertise in managing modern enterprise IT systems and a deep understanding of federal cybersecurity frameworks and risk management. Primary Responsibilities: System Administration Duties * Install, configure, upgrade, and maintain enterprise systems including: * Windows Server 2019/2022, Windows 10, RHEL 7/8 • VMware ESXi / vSAN infrastructure • Web browsers, Adobe Acrobat, and other desktop applications • Manage virtual machines and storage in a VMware vSAN environment. • Administer Microsoft SCCM, WSUS, Active Directory (AD), Group Policy (GPO), and perform system patching and image deployment. • Integrate and maintain vendor systems and third-party applications within a Windows ecosystem. • Operate and manage jump (bastion) hosts for network segregation and secure remote access. • Coordinate with development and support teams to test system hardware/software and optimize performance. • Provide Tier 1-3 support, troubleshoot incidents, and maintain operational resilience via regular backups and recovery plans. • Load PKI certificates and maintain change management documentation and incident logs.Cybersecurity Operations * Serve as the Information System Security Manager (ISSM) for all assigned systems. • Monitor networks for real-time threat indicators; investigate and respond to security events. • Implement and operate cybersecurity tools such as ACAS, NESSUS, SCAP, and STIG Checklists. • Conduct and remediate vulnerability scans; follow DISA STIGs and IAVA compliance. • Manage POA&Ms, deviation lists, and ensure systems maintain Authority to Operate (ATO). • Provide FRCS cybersecurity engineering support and continuous monitoring in accordance with DoD and Army standards. • Perform penetration testing, threat analysis, and security risk assessments in lab/test environments. • Collaborate with stakeholders to improve system hardening, respond to ICS-CERT alerts, and mitigate CAT 1/2/3 vulnerabilities.Compliance & Documentation: * Maintain up-to-date security artifacts, plans, and policies as required under RMF, NIST SP 800-series, FISMA, and FedRAMP. • Load documentation and scan data into the A&A Asset Manager. • Facilitate FISMA-required annual reviews (e.g., Contingency Plans, Security Controls). • Support system reauthorization activities, including 5-day on-site assessments if required. • Educate end users on security best practices and threat awareness.Work Conditions & Travel: * Primarily on-site; periodic travel may be required for assessments or installations. • Participation in on-site assessments up to 5 days in duration. • Occasional after-hours support for mission-critical operations. Responsibilities Position Responsibilities: • Conduct ICS/SCADA system inventories following guidance including, but not limited to U.S. Army ICS Inventory Methodology and Unified Facilities Criteria (UFC) 4-010-06, Cybersecurity of Facility-Related Control Systems. • Assist in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process. • Implement Implementation of DoD Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems. • Conduct vulnerability scanning and document system vulnerabilities. • Work in a team environment alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts. Required Education & Experience: * Active TS/SCI w/ polygraph clearance is required. • 3+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity • 5+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity • 8+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity • 11+ Years with a High School Diploma • Ability to process and operate application software, to include word-processing, spreadsheets and databases. • Must meet the Department of Defense Directive (DoDD) 8570.01 "Information Assurance Training, Certification, and Workforce Management" and DoD 8570-M "Information Assurance Workforce Improvement Program" requirements for IAM (Information Assurance Manager) Level 2, IAT (Information Assurance Technical) Level 2, OR IASAE (Information Assurance System Architect and Engineer) Level 2. • Documented training in the following areas: network infrastructure (Cisco), Microsoft Windows. • Experience working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.). Qualifications Qualifications: Minimum Requirements: * DoD 8140 IAT Level II certification (e.g., Security+ CE, CCNA Security, CySA+). • TS/SCI clearance is required. • 5+ years of experience in DoD RMF cybersecurity and system administration. • Experience with IA tools and processes: STIGs, Nessus, SCAP, ACAS, vulnerability management. • Demonstrated knowledge of: * Windows Server/Client, RHEL, VMware • Cybersecurity frameworks: RMF, NIST SP 800-53, FISMA • Security monitoring, firewall, and encryption toolsets. • 3+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity • 5+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity • 8+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity • 11+ Years with a High School Diploma or GEDPreferred: * Bachelor's degree in Computer Science, Information Systems, or related technical field. • Familiarity with federal cybersecurity policy, FRCS/ICS security operations, and DoD IA compliance. Additional Preferred Qualifications: • 5+ years of experience working with industry and government agencies on the design of ICS platforms and integrated ICS systems • Strongly preferred: Meet the Department of Defense Directive (DoDD) 8570.01 "Information Assurance Training, Certification, and Workforce Management" and DoD 8570-M "Information Assurance Workforce Improvement Program" requirements for IAM (Information Assurance Manager) Level 3, IAT (Information Assurance Technical) Level 3, OR IASAE (Information Assurance System Architect and Engineer) Level 3 • Familiarity with various industry ICS products • Experience implementing a variety of security assessment tools • Implementation of DoD Security Technical Implementation Guides (STIGs) • Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks, ACAS, Wireshark) • Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation • Strong written and verbal communication skills Ability to coordinate with and support multiple team members, vendors, and government customers • Ability to identify, maintain, and troubleshoot HMI components • Ability to identify, maintain, and troubleshoot control network components • Ability to interpret drawings both mechanical and electrical • Ability to identify, maintain, and utilize SCADA systems and KPI's • Ability to train others with lesser skills • Ability to access all levels and areas of the facility • Working knowledge of EMS/SCADA or other operational control systems. • Knowledge of SCADA protocols like Modbus, IEC 60870-5-101 or 104, IEC 61850 and DNP3 and other major SCADA protocols • Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility • Awareness of DoD Risk Management Framework (RMF) process. • Possession of excellent customer service and organization skills. • Possession of excellent oral and written communication skills. Preferred Certifications: • Certified Information Systems Security Professional (CISSP) • Certified Ethical Hacker (CEH) • Certified SCADA Security Architect (CSSA) Related Control Systems. Abilities: • Exposure to computer screens for an extended period of time. • Sitting for extended periods of time. • Reach by extending hands or arms in any direction. • Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard. • Listen to and understand information and ideas presented through spoken words and sentences. • Communicate information and ideas in speaking so others will understand. • Read and understand information and ideas presented in writing. • Apply general rules to specific problems to produce answers that make sense. • Identify and understand the speech of another person. We offer an excellent benefits package including * A competitive salary • Medical, dental, vision, life, and disability insurance • Paid-time off • Tuition reimbursement • 401k Retirement Plan • Military Reserve pay offset • Paid maternity leave Pay Range USD $104,080.00 - USD $156,120.00 /Yr. About the Company: M.C. Dean

Requirements