Cybersecurity Engineer

Job Description

GENERAL JOB SUMMARY:

Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts of infiltrate customer's products/ systems. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Relies on instructions and pre-established guidelines to perform the functions of the job. Normally receives general instructions on work and new assignments. Works under immediate supervision.

ESSENTIAL JOB FUNCTIONS:

• Assist with information security functions that include designing, developing, and implementing highly secure network solutions
• Assist with annual review of each accredited system / subsystem IA controls according to NIST SP 800-53
• Assist with maintaining an Authority to Operate (ATO) certification to the RMF Confidentiality Integrity and Availability (CIA) and Certification Level (CL) for a system / subsystem
• Assist with maintaining hardware, software, and network firewalls and encryption protocols
• Assist with applying Security Technical Implementation Guide (STIG) per Defense Information Systems Agency (DISA)
• Perform / assist with OS security patch updates, device driver updates, and BIOS firmware updates
• Assist with network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures
• Perform / assist with Antivirus updates
• Assist with creation / review Quarterly / Annual reports / documents to include:
  • System Security Plan (SSP)
  • System Contingency Plan (SCP)
  • Software Installation Build Procedure (SIBP)
  • ACAS/Nessus Scan Reports
  • SCAP Scan Reports
  • Database Scan Reports
  • Static Code Analysis Reports
  • Software & Hardware List
  • STIG Checklist / Reports
  • STIG Deviation Reports
  • Information Assurance vulnerability Alert (IAVA) Reports
  • Ports, Protocols and Services (PPS) List
  • Plan of Action and Milestone (POA&M) Report
  • Accreditation Boundary Diagram
• Assist with creation / deploy / maintaining system images
• Continue training / education to develop cybersecurity skills to support MSI programs / projects
• Must be at assigned worksite during assigned hours 100% of time; less PTO, FML/STD/LTD

Other Job Functions

• Maintain integrity of customer, military and company standards and requirements during cybersecurity activities
• Support design reviews, program reviews, and other presentations to the customer to include development of presentation material and taking meeting minutes
• Perform other work-related tasks or assignments as directed by supervisor

SUPERVISORY RESPONSIBILITY:

• None

#LI-Onsite

Experience and Skills

KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:

• Ability to maintain sensitive and confidential information as required by government standards
• Ability to get and maintain a DoD Common Access Card (CAC)
• Ability to interact effectively with peers and supervisors
• Ability to interact appropriately with the public when necessary
• Ability to adhere to workplace rules
• Ability to read, write and develop intelligible instructions, procedures and cybersecurity documentation
• Ability to collaborate and work with a multi-functional team in a fast-paced environment
• Strong and pronounced problem solving and analytical skills
• Basic understanding of software engineering and cybersecurity principles and practices
• Basic understanding of Software Lifecyle Management to include development, configuration control, and release management
• Basic understanding of CUI data and appropriate marking / labeling
• Ability to drive towards goals and milestones while valuing and maintaining a strong attention to detail and schedule
• Basic understanding of the Agile software project management and development processes to include Scrum and/or Kanban with ability to lead project teams, evaluate / create / modify to improve current processes
• Working knowledge of NIST SP 800-53 Risk Management Framework (RMF) processes and procedures
• Must have highly developed interpersonal skills to interact with and present to customers and senior management

EDUCATION AND EXPERIENCE:

• AS / BS in Cybersecurity, Computer Science, Computer Engineering, Electrical Engineering, or related technical field preferred
• DoD Approved 8570 Baseline Certification with a minimum of IAT Level I within 6 months of taken the position of Cybersecurity Engineer 1
• 0- 2 years of cybersecurity experience or related field
• Basic experience with Python, C++, Java, Power Shell
• Experience with Linux Operating Systems (e.g. Red Hat, Ubuntu, CentOS, etc.) including building image from scratch
• Experience with Windows Operating Systems (e.g., Win 10, Win 11, etc.) including building image from scratch
• Experience with applying security patches / updates to OS (e.g., Windows, Linux, etc.)
• Basic experience with Windows Server
• Basic experience with reviewing / updating BIOS firmware
• Basic experience with computer imaging software (Clonezilla, Acronis, etc.)
• Basic experience with Approved DoD IA Tools (Nessus, STIG Viewer, SCAP, Secure Host Baseline Framework)
• Basic experience with embedded systems and working with Real-Time Operating Systems (RTOS) preferred
• Basic experience with vulnerability testing and remediation
• Basic experience with installing and maintaining x509, DoD PKI, SSL / TLS certificates
• Basic experience with MS Word, Excel, PowerPoint, Visio, Teams, database management systems

WORK ENVIRONMENT / PHYSICAL REQUIREMENTS:

• Office and production environment
• Ability to stand and sit for long periods of time
• Ability to perform repetitive motion (keyboarding, 10-key, phones)
• Ability to lift up to 25 pounds
• Ability to travel, foreign and/or domestic 10% of the time in support of customer products

THE ABOVE STATEMENTS ARE INTENDED TO DESCRIBE THE GENERAL NATURE AND LEVEL OF WORK BEING PERFORMED BY INDIVIDUALS ASSIGNED TO THIS CLASSIFICATION. THEY ARE NOT INTENDED TO BE CONSTRUED AS AN EXHAUSTIVE LIST OF ALL RESPONSIBILITIES, DUTIES AND SKILLS REQUIRED OF PERSONNEL SO CLASSIFIED.

A REVIEW OF THIS CLASSIFICATION HAS EXCLUDED THE MARGINAL FUNCTIONS OF THE CLASSIFICATION THAT ARE INCIDENTAL TO THE PERFORMANCE OF FUNDAMENTAL JOB JUTIES. ALL DUTIES AND RESPONSIBILITIES ARE ESSENTIAL JOB FUNCTIONS AND REQUIREMENTS AND ARE SUBJECT TO POSSIBLE MODIFICATION TO REASONABLY ACCOMMODATE INDIVIDUALS WITH DISABILITIES TO PERFORM THIS JOB PROFICIENTLY. THE REQUIREMENTS LISTED IN THIS DOCUMENT ARE THE MINIMUM LEVELS OF KNOWLEDGE, SKILLS OR ABILITIES

Job Benefits

• Medical, Dental & Vision Insurance Coverage
• Life/ADD & Short/Long Term Disability Insurance
• 401(k) Savings Plan
• Employee Stock Purchase Plan (ESPP)
• Paid Time-Off (PTO)
• Holidays
• Education Reimbursement