Cybersecurity Engineer (59903)

BMA is seeking a Cybersecurity Engineer to support the DLA Cybersecurity Web/App Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award.

Job Summary 

• BMA is seeking a Cybersecurity Engineer (CE) to support our DLA Cybersecurity Web/App Vulnerability Management Support Services contract.
• The CE provides advanced cybersecurity (CS) engineering support for the Cybersecurity Web/Application Vulnerability Management Branch supporting DLA’s J6 Information Operations (IO) Directorate.
• The CE supports the assessment, analysis, and remediation of CS vulnerabilities across DLA enterprise IT, Cloud, and Operational Technology (OT) environments.
• The CE performs CS engineering and vulnerability analysis activities to ensure the confidentiality, integrity, and availability of DLA information systems (IS).
• The role focuses on evaluating system architectures, identifying security weaknesses, conducting CS assessments, and recommending risk-based mitigation strategies to improve the overall CS posture of DLA systems.
• The CE supports the evaluation of CS compliance with federal and DoD policies and provides technical expertise in system design, security engineering, vulnerability analysis, and CS architecture reviews.
• The CE works closely with Program Managers (PMs), Information System Security Managers (ISSMs), system administrators (SA), network engineers (NE), and Authorizing Officials (AOs) to ensure CS controls are properly implemented and maintained throughout the system lifecycle.
• Key responsibilities include CS engineering and system security design.
• Provide CS engineering support for the planning, design, development, testing, and integration of DLA information systems.
• Analyze system architectures and infrastructure to identify CS risks and recommend improvements to system security design.
• Integrate CS engineering principles into enterprise IT, cloud environments, and OT systems.
• Support secure system architecture development and CS engineering documentation.
• Conduct vulnerability assessment and risk analysis.
• Conduct CS vulnerability assessments across DLA IT, Cloud, and OT environments.
• Evaluate system configurations and architectures to identify potential vulnerabilities and security weaknesses.
• Perform risk assessments to determine the likelihood and impact of identified CS threats.
• Develop mitigation strategies and technical recommendations to reduce system risk and improve CS posture.
• Provide information assurance engineering support.
• Perform analysis of existing and emerging information systems to evaluate compliance with DoD and federal CS policies.
• Conduct CS assessments and security test and evaluation activities to validate compliance with CS standards.
• Support CS engineering reviews for both classified and unclassified information systems.
• Provide technical analysis of proposed CS policies and assess their impact on system architectures and security operations.
• Conduct CS compliance and security control validation.
• Evaluate compliance of DLA systems with CS policies, standards, and regulatory requirements.
• Identify areas of non-compliance and recommend remediation actions.
• Support implementation of security controls aligned with enterprise CS architecture.
• Assist with development and maintenance of CS standards, guides, and implementation documentation.
• Provide CS documentation and reporting.
• Develop CS engineering documentation including risk assessment reports, architecture assessments, and security engineering analyses.
• Produce implementation documentation and technical reports supporting CS engineering efforts.
• Document vulnerability findings and recommended mitigation strategies.
• Provide status updates and technical reports supporting project activities and CS operations.
• Perform OT security engineering.
• Evaluate CS risks associated with DLA OT environments including industrial control systems and facility-related control systems.
• Assess OT system architecture, network configurations, and system interfaces for potential vulnerabilities.
• Provide CS engineering recommendations for OT system protection and risk mitigation.

Clearance Requirement 

There is a Secret security clearance requirement for this role at time of proposal submission. 

Required Skills & Certifications 

• DoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAT) Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC / SANS GIAC Security Leadership Certification (GSLC).
• DoD 8570/8140 Information Assurance System Architecture and Engineering (IASAE) Level III such as the ISC2 Certified Information Systems Security Professional – Information Systems Security Architecture Professional (CISSP-ISSAP). (must obtain IASAE Level III within 6 months of starting the contract). 
• Computing Environment (CE) Certification: one or more of the following Microsoft Certified Solutions Associate (MCSA) or Expert (MCSE), Cisco Certified Network Associate (CCNA), Microsoft Azure Security Technologies, Amazon Certified Security, or other relevant computing environment certification.
• 10 years of relevant information technology experience supporting cybersecurity or information assurance programs.
• 5 years of Operational Technology (OT) cybersecurity experience.
• Demonstrated experience performing cybersecurity engineering activities including system security design, vulnerability assessment, and risk analysis.
• Experience supporting cybersecurity compliance assessments within large enterprise IT environments.
• Strong analytical and problem-solving skills related to cybersecurity engineering challenges.
• Experience working with enterprise IT infrastructure, network security, and cloud-based systems.
• Experience with STIG compliance cycles, vulnerability management, and POA&M governance.
• Strong technical writing skills producing RMF artifacts, policy/procedure documents, and audit-ready evidence packages.
• Strong facilitation skills for IPTs/WG sessions and cross-functional coordination.
   

Desired Skills & Certifications 

• TS with SCI eligibility.
• Experience supporting DoD or DLA program offices.
• Experience supporting DoD or DLA environments.
• BS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field.
• Project Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification.
• One or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA ), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler.
• Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP).

Other Duties

• Able to travel within a week's notice.
• This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.
• Duties, responsibilities, and activities may change at any time with or without notice. 
   

Overview

BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.

Benefits

We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. 

AAP & EEO Statement
 Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.