Cyber Systems Engineer IV - Vulnerability Management ...

Arcfield Overview Arcfield is a leading provider of full lifecycle, mission-focused systems engineering and integration capabilities to the U.S. government and its allies. The company has more than 60 years of proven experience providing advanced engineering and analysis, IT and C5ISR capabilities to support our nation''s most critical national security missions. Headquartered in Chantilly, VA and with 16 offices around the world, Arcfield employs approximately 1,200 engineers, analysts, IT specialists, and other professionals who put our customers'' missions first, helping them solve their most complex challenges through innovations in modeling, simulation and analysis, digital transformation and C5ISR. Visit for more details. Responsibilities Program Description: The program provides Systems Engineering and Technical Assistance (SETA) support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support. Position Description: The Cyber Systems Engineer - Vulnerability Management provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to: * Support the IT vulnerability management lifecycle. * Support government activities and reporting to appropriate IC and DoD authorities (i.e., USCYBERCOM, IC-SCC). * Assesses and manages the implementation of identified corrections associated with technical vulnerabilities. * Update and manage metrics reporting for several database sources. Collect the necessary data, develops, and delivers a periodic Cyber Vulnerabilities Metrics Reports. * Develop and delivers asset vulnerability views for categories such as mission, cross domain, and location, as required by the customer. * Develop cyber threat analysis for known threats. * Document and deliver reporting activities related to cyber threat situational awareness and reporting, as well as cyber-related metrics and reporting. * Document and deliver Government activities and reporting related to tasking and directions received from stakeholders (i.e., USCYBERCOM, IC-SCC). * Coordinate and prepare Inspector General (IG) FISMA closure requests from field reps and program Information System Security Engineers (ISSEs) * Coordinate with RMF stakeholders on closure Body of Evidence (BoE) for Enterprise Vulnerability and Remediation (EVAR) tracked findings * Prepare and update slides for weekly and monthly meetings * Research trending vulnerabilities being reported through enterprise security tools * Support automation activities with system engineers from other offices Qualifications Required: * Requires 8 to 10 years with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD. * Current U.S. Government Top Secret clearance with SCI eligibility * Favorably adjudicated Polygraph * Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification * DoD 8570 certification in IAT or IAM * Strong analytic and risk management skills * Strong attention to detail and organizational skills * Excellent communications skills * Self-starter requiring limited direction and supervision * Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation Desired: * Experience supporting IT domain or IC Experience with acquisition and project management * Experience briefing senior customer personnel * Ability to organize and prioritize numerous customer requests in a fast-paced deadline driven environment * Familiarity with customer''s IA processes * Experience with SNOW and Splunk * Familiarity with Cross Domain Systems (CDS) * Experience supporting IC or DoD in the Cyber Security Domain

Created: 2025-09-06