Job Description
Supporting a U.S. Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment, including introducing new cyber capabilities to address emerging threats. Seeking a Senior Cybersecurity Engineer (CSE) Subject Matter Expert (SME) with DevSecOps experience to support the identify, implement, and document as well as support the deployment of advanced cybersecurity capabilities.
The Senior CSE SME role is to effectively support Authorization and Accreditation (A&A) efforts through cyber risk assessment, policy analysis, National Institute of Standards and Technology (NIST) security control validation and DHS 4300A system requirements. Provide expertise through recommendations associated with cybersecurity security test and evaluation, system vulnerability and compliance in support of Authorization and Accreditation (A&A) as well as continuous monitoring throughout the System Development Life Cycle within our digital environment e.g. Azure, AWS.
Responsibilities Include:
• Identify security requirements for system;
• Ensure security requirements are planned, implemented, and tested; Support vulnerability testing of all code before submitting to Security, Testing and Evaluation (ST&E)
• Responsible for reviewing and commenting on security risks and security issues related to any Change Requests, Infrastructure Change Requests and Configuration Change Requests
• Responsible for reviewing Port Open Requests (PORs)
• Review and input into the CONOPS
• Work with the ISSOs to gather security controls and documents to include writing and management update with subject matter experts
• Responsible for any technical insertions
• Responsible for reviewing and tracking POA&Ms
• Pre-ST&E testing when able/applicable
• Work with the ST&E team to ensure testing target is accessible and ready (Checklist and regular meetings)
• Work with ISSO, ISSE, and Security Control Accessors (SCA) to verify security approach in support of an ATO/ATP decision
• Work with the vulnerability management team to access and test the target (app/system)
• Work with the team to ensure the compliance and vulnerability findings are remediated, (or mitigated
• Monitor IAVM notifications from multiple channels and ensure actions for relevant issues are planned and implemented
• Take action to ensure the security of the development environment
Required Skills:
• U.S. Citizenship
• Active Secret (S) clearance. Must be able to obtain a TS/SCI clearance
• Must be able to obtain DHS Suitability
• 8+ years of directly relevant cyber security engineering experience
• 2+ years experience with Agile software development programs
• Experience in intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
• Experience with standard security principles, policies, and industry best practices
• Practical experience hardening IT systems in compliance with STE/STIG guidelines
• Experience and knowledge of networking (TCP/IP, topology, sockets and security), operating systems (Windows/UNIX/Linux), and web technologies (Internet security)
Desired Skills:
• Understanding of security technologies and concepts, experience in design and implementation of secure network solutions including DMZs and web portals
• Knowledge of Information Assurance and Information Operations technologies and development activities
• Understanding of the processes and guidelines for Authorizing & Accrediting (DCID, ICD, NIST 800-53, SANS 20) information systems based upon experience on a large-scale development program
• Possesses or quickly develop a comprehensive understanding of Government Information Security policies, regulations, and guidelines
Required Education:
• Bachelor’s degree in Cyber Security, Information Security, Software Engineering or a related discipline is required. [Ten (10) years of experience (for a total of eighteen (18) or more years) may be substituted for a degree "
Desired Certifications:
• Certified Information Systems Security Professional (CISSP) certification required.
• DoD 8570 IAM Level II certification required.
• Certified Ethical Hacker (CEH) certification desired."
Must be able to go into the office (No Hybrid and No Remote).