Cyber Systems Security Engineer-Level 2

About The Position

Requirements

• B.S. degree in Cybersecurity, Cyber Security Engineering, Computer Science, Computer Security, Computer Engineering, Software Engineering, or Systems Engineering
• Experience with Security Technical Implementation Guide (STIG) and security requirement implementation
• Experience with cyber risk analysis and security assessment methods
• Knowledge of Implementing the NIST Risk Management Framework (RMF) and NIST SP 800-53 controls. Specifically related to Joint Special Access Program Implementation Guide (JSIG)
• Experience with software development and programming
• Final Secret Clearance to start with the ability to obtain program’s clearance
• Must be a US Citizen

Nice To Haves

• Experience working in an aerospace design environment (e.g. F-22 Program) with exposure to DoD customers and their accrediting authorities
• Experience with developing and maintaining core RMF/JSIG security documentation artifacts for A&A Packages including Security Control Traceability Matrix (SCTM), System Security Plan (SSP) and/or Information Assurance Standard Operating Procedures (IA SOP), Plan of Action & Milestones (POA&M), and Risk Assessment Report (RAR)
• Ability to create and present technical information to customers
• Strong analytical and organizational skills with excellent communication skills (written and verbal communications) and have the ability to work in a dynamic work environment
• Ability to analyze, decompose, and allocate security controls into executable security requirements at the system, sub-system and component level
• Familiar with adopting agile and DevSecOps principles to increase speed and improve value delivery
• Proactive self-starter with the ability to learn rapidly and work independently
• Ability to travel as required

Responsibilities

• Support/coordinate the execution of a range of cyber risk analysis and security assessment methods
• Comprehend and support customer composition of Security Classification Guide (SCG) guidance
• Implement patches and Security Technical Implementation Guides (STIGs) to address cyber vulnerabilities, feature changes, or obsolescence
• Develop documentation for specific installations and configurations necessary to obtain Authorizations to Operation (ATOs) in support of program schedules
• Contribute to and implement Plan of Action and Milestones (POAMs) to mitigate open cyber risks
• Communicate effectively with a range of audiences, technical and non-technical
• Function effectively on the IFG CRE engineering team to create a collaborative and inclusive environment that allows for the establishment of contract goals, itemized planning of tasks, and prioritization of tasks that drives the efficient execution of objectives
• Apply standard cybersecurity processes, methods, tools, and best practices consistently across projects
• Carry out Assessment and Authorization (A&A) tasks as required by the customer
• Work with a cross functional team to plan, design, develop, test, and validate cyber solutions throughout their life cycle
• Perform cyber risk activities such as threat modeling, vulnerability analysis, and evaluating mitigation options
• Identify and address supply chain security concerns
• Analyze design constraints and trade offs, and contribute to detailed system and security designs for cyber related parts of a program
• Collaborate with cyber and system architects and developers to oversee solution development
• Test hardware and/or software for cybersecurity compliance, ensuring they meet specified requirements

Benefits

• flexible work schedules
• comprehensive benefits investing in your future and security
• Medical
• Dental
• Vision
• Life Insurance
• Short-Term Disability
• Long-Term Disability
• 401(k) match
• Flexible Spending Accounts
• EAP
• Education Assistance
• Parental Leave
• Paid time off
• Holidays