Cybersecurity Engineer (Senior-Level) - (ISCE073125.1)

About The Position

Requirements

• Due to facility security requirements, only U.S. citizens are eligible for consideration at the time.
• This position requires access to federal facilities.
• Candidates must possess a valid, unexpired Real ID-compliant driver's license or state-issued identification card at the time of hire. If you are unsure whether your ID is Real ID-compliant, please check for the star symbol in the upper portion of your driver's license or state ID.
• Ability to complete a pre-employment background check and drug screening, which will include but is not limited to testing for marijuana use.
• Active Secret Clearance (or higher).
• Current DoD 8570 IAT Level II Certification (ex., Security + with CE).
• 5 or more years of experience in cybersecurity roles such as security operations, vulnerability management, penetration testing, or red teaming.
• Strong understanding of network protocols, operating systems (Windows and Linux), cloud environments (AWS, Azure, GCP), and common enterprise architectures.
• Ability to support after-hours maintenance windows, as needed.
• Ability to maintain a restricted badge and work onsite at least 4 days per week.

Nice To Haves

• Relevant industry certifications such as OSCP, CySA+, PenTest+, or CEH.
• Proficiency in at least one scripting language (e.g., Python or PowerShell) for automation and API integration.
• Knowledge of common attack techniques, exploitation methods, and adversary TTPs (tactics, techniques, and procedures).
• Experience applying the MITRE ATT&CK framework in security testing and validation.
• Familiarity with various security controls such as EDR, SIEM, firewalls, IDS/IPS, DLP, and WAF, including methods for testing their effectiveness.
• Familiarity with the Missile Defense Agency (MDA) and Ballistic Missile Defense System (BMDS) programs.

Responsibilities

• Translate complex technical findings into actionable insights and collaborate with security operations, engineering, and development teams to drive remediation efforts and improve security posture.
• Support the Cyber Infrastructure Support Team with Operations & Sustainment (O&S) activities for all Automated Security Validation (ASV) systems within the MDA environment.
• Administer, configure, and maintain automated security validation platforms (e.g., AttackIQ, Cymulate, Picus, SafeBreach, Mandiant Advantage).
• Troubleshoot and resolve platform functionality issues, including agent and integration-related problems.
• Execute automated validation campaigns across various environments, including endpoints, networks, cloud, and applications.
• Research and incorporate emerging attack techniques and threat intelligence into validation efforts.
• Generate comprehensive reports, dashboards, and metrics to assess security control effectiveness and posture.
• Communicate findings, risks, and recommended remediations to both technical and non-technical stakeholders.
• Integrate security validation platforms with tools such as SIEM, EDR, SOAR, CMDB, vulnerability management, and ticketing systems using APIs or other methods.
• Identify and implement opportunities to enhance the security validation program’s effectiveness and efficiency.
• Maintain accurate documentation of platform configurations, test plans, and operational procedures.

Benefits

• health, dental, and vision insurance
• 401(k) contributions
• educational reimbursement