Cyber Security Engineer - Information System Security Manager

About The Position

Requirements

• Demonstrated knowledge of and experience with several of the following: current security tools; hardware/software security implementation; communication protocols; encryption techniques/tools
• Experience preparing and maintaining SSPs and other security related documentation
• Experience proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies, preferably on a large software or IT program
• Collaborating in a team environment
• Experience with DoD Security Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVAs), Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
• High expertise in cloud security concepts and the FEDRAMP program
• Use of scanning tools and interpreting results including ACAS
• Expertise in security incident management and response
• Must have experience performing the RMF process to attain Authority to Operate (ATO) in accordance with NIST 800 series guidance
• Must have familiarity with eMASS automation, OSCAL, or similar compliance automation frameworks
• Must be committed to developing and adhering to best practices and standard operating procedures
• Must be a solutions-oriented team player and must possess a high level of self-initiative
• Must have excellent interpersonal skills
• Must have Security+ Certification
• Must have CISSP Certification or able to obtain within 6 months of hire
• Minimum education: Bachelor’s degree in Computer Science, Cybersecurity, or comparable academic discipline
• Minimum experience requirements: ten years of experience required
• Must have or be willing to obtain Secret Clearance (this requires US Citizenship)
• Acceptable candidates must successfully pass a drug test and background screen

Nice To Haves

• Knowledge of DoD security requirements
• Experience with Cloud
• Hands-on experience with cloud-native security tools
• Knowledge of DoD systems, data and processes

Responsibilities

• Support implementation and enforcement of cybersecurity policies and controls in accordance with DoD RMF, NIST 800-53, and Air Force guidance
• Create/maintain and review/approve other teammates’ information security related documentation
• Implement, maintain, and monitor security controls
• Advise developers on integrating security requirements
• Achieve and maintain Authorization to Operate classified information systems
• Coordinate with sponsor and corporate security organization
• Oversee Continuous Monitoring program
• Maintain operational security posture for information systems
• Provide security related training and guidance to program management and staff
• Provide responsible oversight and management of multiple RMF packages in appropriate compliance systems
• Conduct RMF process on various items including Hardware, Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS) Systems

Benefits

• market-competitive salary
• generous PTO package
• comprehensive medical, dental, vision and life insurance plans
• 401K
• short/long-term disability insurance
• fun and engaging culture
• training opportunities