Cyber Security Engineer

• • Lead multi-disciplined teams in the design and implementation of the cyber security system architecture.
  • Produce cyber security architectural artifacts. Provide architectural analysis of cyber security
    features and existing system related to future needs and trends.
  • Reviews and provides input to system requirements based on cyber security posture.
  • Applies industry best practices and lessons learned into future iterations and new designs.
  • Supports the Engineering Review Board by evaluating artifacts for architectural compliance
  • Provides broad based experience in the systems engineering lifecycle and apply the experience to
    specific cyber security initiatives relating to architectural design and development
  • Resolves architecture implementation issues during integration and testing
  • Advise and assist team members to deploy and configure collection services and tools
  • Work with team members to move data to the appropriate data stores
  • Meet hands-on RMF responsibilities
  • Lead Vulnerability Management and ConMon tasks for multi-disciplined teams
  • Other tasks as assigned

• Proactive self-starter demonstrating a positive, willing attitude and excellent oral and written communication skills.
• Demonstrated ability to adapt to new technologies and learn quickly
• Organizational Skills: Can plan and prioritize work. Follows tasks to their logical conclusion and makes sure that everything has been done to the right standard. Good attention to detail.
• Communications: Ability to communicate clearly and efficiently to team members and clients, verbally and in writing. Able to present ideas in a variety of ways depending upon audience and context.
• Security Assessment and Authorization (A&A) expertise
• Familiar with Amazon Web Services (S3 Buckets, EC2, Reserved Instances, etc.)
• Familiar with System Engineering documentation creation (VDDs, diagrams, etc.)
• Familiar with team collaboration tools (Jira, Confluence, RocketChat)
• Working knowledge with XACTA 360, Tenable Security Center, Nessus, Trellix ePO, ACAS, HBSS and Audit enterprise security services
• Proficient in ACAS Vulnerability and STIG scanning, reporting, management and remediation
• Viewed as an industry expert in the Risk Management Framework (RMF) steps one thru six with the ability to lead Assessment and Authorization (A&A) tasks to successfully achieve Authority to Operate (ATO)
• Must possess and maintain a TS/SCI Security Clearance
• DoD.8570/8140 IAM III Certification (CISSP, CISM, CISA, etc.)
  • Minimum Required - COMPTIA Security or comparable IAT/IAM II/III certification
• Requires BS degree and 8-12 years of prior relevant experience OR, Masters with 6-10 years of prior relevant experience; OR 4 years of additional experience in lieu of degree

• • Familiar with CI/CD Pipeline Management
  • Experience with DevOps tools (GitLab, Fortify, EKS, Kubernetes, Docker, OpenShift)
  • Experience with cloud-based architectures
  • Experience with Engineering Review Boards and Change Management
  • Prior experience with ICD 503
  • Federal Information Security Management Act (FISMA)
  • XACTA
  • National Institute of Standards and Technology (NIST)