Business Unit: Cubic Mission and Performance Solutions Company Details: Cubic offers an opportunity to provide innovative technology for government and commercial customers around the globe, helping to solve their future problems today. We’re leading provider of realistic combat training systems, secure communications and networking and highly specialized support services for military and security forces of the U.S. and allied nations, and the leading integrator of payment and information technology and services for intelligent travel solutions worldwide. If you have an entrepreneurial spirit and thrive in an innovative environment, we want to talk to you about your next role at Cubic! We are seeking employees inspired by technology, and motivated by the rewards of hard work, commitment, teamwork, quality, integrity, and respect. We invite you to explore opportunities with Cubic. • Candidates must have U.S. Citizenship and meet eligibility requirements to obtain a U.S. Government clearance • Candidates should possess a bachelor’s degree in cybersecurity, software engineering, network engineering, computer science, computer engineering, Information Technology, or a related discipline • Candidates should possess 5-9 years of professional experience Job Details: Job Summary: The candidate will be joining a cross-functional security team responsible for the security posture of commercial software products supporting DoD missions, organizational software development environments enabling new product development, and maintaining regulatory compliance in support of business and information systems infrastructure. The candidate will operate in both team and individual settings (security team reach back is available) and will exercise sound judgement when guiding organizational entities through security frameworks, assessments, remediations, and improvements. The candidate will have opportunities to work with emerging product development teams supporting security requirements as equal weighted with functional requirements. The candidate will also have opportunities to work with and develop secure architectures, security procedures and tests for multiple technologies including containers, kubernetes, and service-meshes, etc. The candidate must demonstrate their knowledge of critical thinking and problem solving under limited supervision. Adhere to engineering standards for developing testable, maintainable, and well-documented security practices in accordance with Agile development methodology, tools and release processes. Essential Job Duties and Responsibilities: Identifies, investigates and resolves technical issues. Works under general direction within a clear framework of accountability and exercises substantial personal responsibility and autonomy Strong verbal, written communications and interpersonal skills; ability to interact professionally with internal and external customers, and technical and non-technical persons May be required to travel domestically and internationally Conduct tool-assisted vulnerability and compliance network assessment updates, and work with relevant personnel to resolve findings Direct, implement, and document adherence to NIST 800-53 rev4 security controls Partner with software engineers to remediate security findings Maintain security assessment environments and tools Support program personnel keeping product relevant security scans/documentation/reports up to date Support/improve development networks continuous monitoring activities Minimum Job Requirements: Candidate must be able to prioritize work, complete multiple tasks and work within deadlines. Candidate must be adept in both verbal and written communication. Candidate must be responsible, organized, and leverage logical thought processes and work methods Candidate should have the ability to produce technical writing artifacts describing security assessments, findings and remediation actions. Candidate should possess strong analytical and problem-solving skills Candidate should possess strong interpersonal and team-oriented skills Candidate should be comfortable working in both remote and in-office environments Moderate understanding of Unix/Linux-based operating systems (commands, navigation, and troubleshooting) (RedHat, CentOS, Rocky, Ubuntu, etc.) Moderate to experienced understanding of NIST frameworks and security assessments Moderate demonstrable knowledge of one/multiple security tools (ex. Nessus, Nmap, Wireshark, Wazuh, OWASP ZAP, Burp Suite, etc.) Moderate knowledge of virtualized environments Moderate experience supporting software development teams and environments Moderate to advanced understanding of Information Assurance and security requirements as it applies to the Department of Defense (IA controls, NIST, STIGs, etc.) Preferred Qualifications Experience with various agile tools such as Jira, and Confluence Experience developing and performing security assessments and/or accreditation packages Moderate to advanced demonstrable knowledge of security tools Moderate experience implementing CIS benchmarks or DoD STIGs. Experience with automation and/or containerization technologies Advanced understanding of Information Assurance and security requirements as it applies to the Department of Defense (IA controls, NIST, STIGs, etc.) Experience administrating Unix/Linux and/or Windows systems Experience with SAFe / Agile concepts and methods Experience working with database technologies like PostgreSQL and Redis Experience with public cloud systems like Amazon Web Services, MS Azure, Heroku, etc. Any security certifications: CompTIA Security , EC-Council CEH, (ISC)2 CISSP, SANS GIAC cert, etc. The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business needs. Worker Type: Employee