Cyber Security Engineer, FEMA Program
Federal Emergency Management Agency (FEMA), Independent Security Operations, Oversight,
and Assessment and Authorization (ISO2A2) Support
Duties/Responsibilities:
Engineers maintain responsibility for performing the technical tasks associated with developing
FEMA A&A packages. These tasks include conducting application and vulnerability scans using
security scanning tools. Engineers develop technical documentation e.g. network diagrams,
inventory control, data flows and perform reviews of the technical sections of A&A artifacts
including verification and validation of IA Controls. Engineers review vulnerability scans to
identify false positives, mitigation strategies, and system fixes. Engineers assist with the
establishment of accreditation boundaries and the validation of completed POA&M items.
Engineer members will be responsible for completing tasks as assigned and on schedule, providing
SME support to the project for completing assessment package deliverables and conducting
technical testing using automated tools.
Supervisor: Cyber Security Team Lead
Operational Oversight: Sr. Cyber Security Engineer
Required Skills, Experience
Working experience (Hands On configuration and scanning) with the following tools:
 WebInspect
 AppDetective
 Nessus/Retina
 Visio
 Develop Technical C&A or A&A security packages and documents
 Developing Security Test Reports, POA&Ms
Certification Requirements
 Required: Security+
Education Requirements
 Associates degree or equivalent experience in Information Technology/Information Security
related field
 4 to 6 Years Information Security Experience