Cyber Security Engineer II

Scientific Research CorporationPortsmouth, VA
Onsite
Match Resume

About The Position

Supporting the information system owner to complete security assessments, achieve system authorizations, continuous monitoring, and configuration management, through eMASS. Performing cybersecurity testing, analysis, and reporting by conducting Assured Compliance Assessment Solution (ACAS) scans, Security Technical Implementation Guide (STIG) checks, port scanning, application code review, Risk Management Framework (RMF) control review, and Plan of Action and Milestone (POAM). Providing in-depth analysis on cybersecurity test results, remediation steps, and potential mitigating factor(s). Assessing NSWC systems in accordance with Navy, NIST, DoD, and DISA guidance. Reporting security incidents in accordance with the Command's Incident Response Plan. Verifying configuration management and tracking security update implementation to the systems using existing automated tools. Adhering to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems. Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices. Supporting the Information System Security Manager (ISSM) and Cybersecurity Lead in meeting all RMF documentation, process, policy, risk assessment, testing, and continuous monitoring requirements per the NIST SP-800 series. Verifying patches and virus definitions are updated on the system using existing automated tools. Providing RMF support for all future and/or new Assessment and Authorization (A-A). Collaborating with the IPT Lead, PM, Developers, Engineers, and Test teams through guidance and options on how to meet all technical and policy security-control. Maintaining security reporting compliance requirements outlined in the System SLCM Strategy. Filling this position is contingent upon funding.

Requirements

  • Must possess an active Secret clearance at the minimum
  • A minimum of five years of cybersecurity experience
  • Must currently hold a DoD 8570-compliant IAT II certification (SSCP or Security+ CE with appropriate CE/OS certificate), and IAM II certification (CAP or CASP CE) or be able to obtain within six months
  • CE/OS certificate may include Windows or Linux
  • Be knowledgeable and experienced with Windows & Linux operating systems
  • Be knowledgeable and experienced with RMF steps, activities, tools, and resources
  • Shall contribute and be familiar with guidance on current and dynamic computer security requirements, best practices, and information system/network hardening techniques and consult and contribute on policy, procedure, and guideline development
  • Have knowledge of National Institute of Science and Technology (NIST) standards and Defense Information Systems Agency (DISA) STIGs, standards, guidelines, and requirements as related to Cybersecurity and Risk Management
  • Have knowledge of common and DOD specific network/communication protocols, processes, and architectures
  • Have experience in administering and hardening Microsoft Windows and other operating systems in accordance with DISA and NIST requirements
  • Supporting the Information System Security Manager (ISSM) and Cybersecurity Lead in meeting all RMF documentation, process, policy, risk assessment, testing, and continuous monitoring requirements per the NIST SP-800 series
  • Have professional communication skills and the ability to express thoughts and ideas clearly and concisely
  • Must be a team player, dedicated to program support, capable of multitasking and working several complex, and diverse tasks with simultaneous or near-simultaneous deadlines
  • Be a self-starter who is accountable and requires minimal direction and supervision
  • Be open to new and innovative ideas

Nice To Haves

  • In‑depth knowledge of DoD cyber‑policy frameworks (RMF, NIST 800‑53, CNSSI 1253)
  • Experience with Risk Management Framework (RMF) processes
  • Experience authoring and editing RMF Control Family Plans
  • Experience with EvaluateSTIG and/or STIGManager
  • Experience with eMASS, SSPs, POAMs, ACAS/Nessus, SCAP, Security Checklists, and STIG Viewer

Responsibilities

  • Supporting the information system owner to complete security assessments, achieve system authorizations, continuous monitoring, and configuration management, through eMASS
  • Performing cybersecurity testing, analysis, and reporting by conducting Assured Compliance Assessment Solution (ACAS) scans, Security Technical Implementation Guide (STIG) checks, port scanning, application code review, Risk Management Framework (RMF) control review, and Plan of Action and Milestone (POAM)
  • Providing in depth analysis on cybersecurity test results, remediation steps, and potential mitigating factor(s)
  • Assessing NSWC systems in accordance with Navy, NIST, DoD, and DISA guidance
  • Reporting security incidents in accordance with the Command's Incident Response Plan
  • Verifying configuration management and tracking security update implementation to the systems using existing automated tools
  • Adhering to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems
  • Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices
  • Supporting the Information System Security Manager (ISSM) and Cybersecurity Lead in meeting all RMF documentation, process, policy, risk assessment, testing, and continuous monitoring requirements per the NIST SP-800 series
  • Verifying patches and virus definitions are updated on the system using existing automated tools
  • Providing RMF support for all future and/or new Assessment and Authorization (A-A)
  • Collaborating with the IPT Lead, PM, Developers, Engineers, and Test teams through guidance and options on how to meet all technical and policy security-control
  • Maintaining security reporting compliance requirements outlined in the System SLCM Strategy

Benefits

  • medical
  • dental
  • vision plans
  • 401(k) with a company match
  • life insurance
  • vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually
  • 11 paid holidays
  • tuition reimbursement

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Job Search Resources

Similar Cyber Security Engineer II job opportunities

Cyber Security Architect/Engineer II
Honeywell Aerospace
Honeywell Aerospace • Phoenix, AZ5d • Hybrid
Cyber Security Architect/Engineer II
Honeywell Aerospace
Honeywell Aerospace • Woburn, MA9d • Onsite
Cyber Security Engineer
Akima, LLC
Akima, LLC • Albuquerque, NM6d • Onsite
Cyber Security Engineer
Applied Research Solutions
Applied Research Solutions • Bath Township, OH6d
Cyber Security Engineer
Noblis
Noblis • Washington, DC2d
Cyber Security Engineer
Booz Allen Hamilton
Booz Allen Hamilton • Mclean, VA11d • Onsite

Tools

Templates & Examples

Resources

Comparisons

Company

Over 4 Million Users
Free AI tools and resources to help you land your next job, faster
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service