What are the responsibilities and job description for the Principal System Security Engineer position at Owl Cyber Defense?
| Job Title: | Principal System Security Engineer |
| Department: | Engineering |
| Reports to: | SVP Engineering |
| Office: | Columbia, MD |
| Work Environment: | Remote or Hybrid |
Owl Cyber Defense is a leader and trusted partner in cyber security. We deliver solutions that protect and connect the world’s most critical networks. Owl’s product lines of cross domain, data diode, and portable media solutions provide the strongest available security checkpoints for threat prevention and secure data availability. Our in-depth expertise in security engineering at the operating system level enables us to help government and commercial customers meet ever-evolving cyber security threats.
Job Summary:
Owl’s Principal System Security Engineer ensures our mission-critical security products are engineered and deployed to meet the strictest DoD and federal requirements. This role leads the secure design, integration, and compliance of Owl’s cross domain and data-transfer products, driving security architecture reviews and embedding NSA Raise-the-Bar and NIST 800-53 requirements into every stage of development. Working across engineering, development, and product teams, the position ensures solutions meet mission, operational, and federal security expectations while serving as a primary technical liaison to NCDSMO and other government stakeholders to guide secure deployments and maintain product assurance.
Essential Duties and Responsibilities:
- Work as a cross functional technical engineer to provide system engineering, cyber security, solution architecture and product integration across various internal teams (Developers, Product Engineering and Integration).
- Lead system and security engineering and integration reviews of new features and capabilities in current product portfolio and new products as well as the integration of components (cross domains, adapters, proxies, diode and filters) and networks (administrative, management, and defensive cyber operations) into solution architectures. This function also includes:
- Conduct technical deep dive TEMs and security architectural reviews with the product integrators, engineers, and developers.
- Work to understand the operational, functional and security requirements as they relate to mission and deployment environments.
- Work with solution architects and sales engineers to ensure system designs, implementations, configurations and integrations into operational environments are compliant from a security perspective.
- Assist in design engineering and development efforts to implement Raise the Bar (RTB) compliance, inserting requirements into the product design, engineering, and development processes. Facilitate products through the Cross Domain Solutions (CDS) processes to include system design, testing and deployment documentation. Support the development of related technical and information/ decision briefs, as well as patching and upgrades briefings.
- Collaborate with software development and network operations teams to integrate secure data transfer practices into the Software Development Lifecyle.
- Work with SW developers to ensure RTB compliance – that requirements are implemented, mechanisms defined and documented by development teams for all solutions, common platforms and components.
- Work with A&A teams on documentation, test procedures, and security policies, ensuring compliance with NSA Raise-the-Bar (RTB) and NIST 800-53 standards.
- Technical point of contact for the NCDSMO Director and Tech Director, and CDTAB/ DSAWG/ CDSEs working collectively to discuss and resolve a range of issues from RTB requirements, mission, operational and technical requirements, to conducting security and architecture design reviews, and implementations for Enterprise deployments, tactical requirements, data types/flows and filtering.
- Provide guidance in the development and maintenance of comprehensive system and security test cases to ensure complete coverage of all RTB requirements.
- Support teams in reviewing SCAP scans, Common Vulnerabilities and Exposures (CVEs), Information Assurance Vulnerability Alerts IAVAs, and work with teams to keep current on DoD memorandums, BODs, NSM etc., that are pertinent to product lines. Ensure product development teams address identified issues.
- Support teams in conducting Security-Enhanced Linux (SELinux) analysis to ensure strict Mandatory Access Control (MAC) Discretionary Access Control (DAC) enforcement in products.
Requirements/Qualifications:
- Education
- Bachelor’s Degree in a technical discipline (Master’s degree preferred)
- Experience
- Twelve years of experience in security and vulnerability analysis, demonstrating a strong understanding of identifying and mitigating security risks.
- Five years in a security leadership position.
- Cross-Domain Solutions (CDS) Familiarity.
- Knowledge, Skills & Abilities
- Experience with secure software development principles.
- Strong communication and collaboration skills across product teams.
- Excellent problem-solving and critical-thinking skills.
- Understanding of Agile/Scrum methodologies and tools (Git, JIRA).
- Ability to prioritize tasks effectively.
- Experience in hiring, scaling teams, and managing remote engineering teams.
- Comprehensive understanding of the NCDSMO's "Raise the Bar" requirements and related implementation guidance preferred.
- Knowledge and practical experience with Security-Enhanced Linux (SELinux) configurations and policies preferred.
- Additional Competencies/Requirements
- This position offers a hybrid work arrangement.
- Candidates must be able to obtain/maintain a US Government security clearance.
About Owl Cyber Defense Solutions, LLC
Owl Cyber Defense Solutions, LLC is a fast-growing cybersecurity solutions company, holding a firm leadership position in network security and secure information transfer. It is a privately-owned US company with offices in Columbia, MD, Danbury, CT and Morrisville, NC. For more information, see http://www.owlcyberdefense.com.
Owl Cyber Defense is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive equal consideration for employment.