Cyber Security Engineer

Cyber Security Engineer

Requirements

• BS degree and 12+ years of prior relevant experience.
• An active TS/SCI clearance with ability to obtain a Polygraph.
• At least one DoD 8570.01-M IAT Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, SSCP, CISSP (or Associate)
• 1 year of experience developing and reviewing security concept of operations, systems security plans, security risk assessments, contingency plans, configuration management plans
• Experience configuring, running, and analyzing vulnerability scans
• Experience with XACTA, EMass, or similar tool
• Experience with NIST Special Publications e.g. NIST SP 800-27, 30, 37, 53, 60
• Experience with CNSS publication CNSSI 1253
• Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans
• Strong analytical, communication, problem solving, and interpersonal skills
• Experience establishing a System Security Engineering (SSE) management process to integrate security and privacy controls into complex hardware and software systems.

Responsibilities

• Perform review and analysis of cybersecurity event logs
• Conduct and review technical cybersecurity assessments
• Coordinate with security personnel and recommend mitigation strategies
• Identify points of vulnerability and non-compliance with established cybersecurity standards and regulations
• Collaborate with our DevOpsSec team to help with analyzing scan results and remediation of findings
• Manage and maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues
• Perform and maintain vulnerability scans using Assured Compliance Assessment Solution (ACAS) and create reports
• Track and report Information Assurance Vulnerability Management (IAVM) compliance using Assured Compliance Assessment Solution (ACAS)
• Maintain Authorization to Operate (ATO) records in XACTA system
• Manage and report Plan of Actions and Milestones (POA&M) compliance
• Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
• Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems
• Apply system security engineering expertise in one or more of the following to : system security design process; engineering life cycle; information domain; cross domain solutions; commercial off the-shelf and government off-the shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing.

Preferred Qualifications

• Software development/coding experience with programming languages such as Python, Java, and React
• Experience with DevOpsSec pipelines and tools
• Experience with database systems, search engines, web applications
• Experience in a Linux Red Hat and Centos environment
• Experience with big data applications
• Experience with Jira and Confluence
• Experience working in an Agile environment
• Experience with NIST SP 800-171