Is in search of a Cybersecurity Engineer to provide support for an agile software development initiative. As a member of the security team, you’ll assist in the identification and implementation of information assurance/cybersecurity requirements. The successful candidate must have experience with threat analysis, vulnerability management, as well as assessment and authorization processes for the Federal government, Department of Defense, or intelligence community.
Specific Responsibilities:
- Responsible for implementation and application of technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
- Identify, analyze, and report potential or realized threat events; research remediations and present recommendations and assist team members in developing mitigation strategies.
- Analyze vulnerability scan reports, security threats, and possible implications.
- Assess deviations from acceptable configurations, enterprise or local policy; assess the level of risk; and recommend appropriate mitigation countermeasures .
- Test, implement, maintain, and administer hardware and software required to effectively secure the IT systems.
- Monitor systems for unauthorized activities.
- Document and track plans of action and milestones (POA&Ms).
- Assist with incident response activities.
- Review DoD Information Assurance Vulnerability Management (IAVM) alerts and work with engineers, administrators, and developers to remediate identified issues.
- Inspect systems for vulnerabilities using manual and automated means.
- Communicate security regulations, policies, and requirements to ensure compliance.
What You’ll Get to Do
cybersecurity teams use proven solutions to manage, monitor, and immediately respond to cyber threats. Capabilities include cyber assessments, event monitoring and incident response, and implementation of preventative measures to isolate and mitigate cyber threats.
More About the Role
Responsible for assessing technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
REQUIRED QUALIFICATIONS:
- Experience providing security, system or network administration.
- Knowledge and experience with Linux or Windows operating systems, databases, or network architecture.
- Working knowledge and understanding of information and networking security requirements for Federal government, Department of Defense, or intelligence community.
- Experience in the application of NIST RMF guidance, DISA STIGs, Privacy Act, HIPAA, and DoD/Air Force regulations, instructions, manuals, checklist and guides for cybersecurity.
- Strong analytical and problem-solving skills.
- Must have ability to work independently and as a team member with excellent organizational and time-management skills.
- Experience monitoring systems for unauthorized activities.
- Must be detailed-oriented, exercise sound judgment, able to review the work of others, and be able to detect errors or needed modifications.
- Must possess excellent oral and written communications skills with ability to communicate in a clear and concise manner to both technical and nontechnical audiences.
- Must demonstrate a high degree of personal integrity and ability to discreetly handle sensitive information.
- Must hold a DoD 8570.01-M approved security certification such as Security+CE, CAP, CEH, SSCP, CISSP, CCNA-Security, or CISA.
- US citizenship required.
- Must be able to obtain a Public Trust position.
- Minimum 5 years related work experience
These Qualifications Would Be Nice to Have
- Demonstrated experience with vulnerability management
- Experience with eMASS, ACAS, WebInspect, Nessus, Static Code Analysis, Splunk, Burp Suite or similar tools
- Monitoring and testing of IT systems for vulnerabilities and indicators of compromise
- Configuring or validating secure systems
- Bachelor’s or master’s degree in Cyber Security, Computer Science, Engineering, Mathematics, or a related field