Cybersecurity Engineer - Senior - TS/SCI CI Poly - MD, DC, VA

About The Position

Requirements

• 13 years of experience in Software or Systems Engineering roles or a highly related field of work with similar scope and responsibilities
• A Bachelor’s degree may be substituted for 4 years of experience, and a Master’s degree may be substituted for 6 years of experience
• US Citizenship
• Active TS/SCI with active CI Polygraph clearance
• Security+ or other IAT II/III level certification that is currently active
• Proficiency with XACTA and DIA’s RMF process, including managing IATT and ATO processes
• Proficiency with Splunk
• Experience conducting assessments of existing IT architecture for compliance with security requirements from applicable security frameworks (such as ICD 503)
• Experience implementing and maintaining system security documentation, including SSPs, SAPs, POA&Ms, and security assessment artifacts, coordinating closely with ISSMs, ISSEs, system owners, and Authorizing Officials
• Full-time work in a Sensitive Compartmented Information Facility (SCIF) is required, with flexible hours

Nice To Haves

• Prior Information System Security Officer or Information System Security Engineer experience
• Proven experience leading cybersecurity initiatives for significant programs, showcasing a comprehensive understanding of large-scale program requirements
• Demonstrated success in team management, with the ability to effectively guide and coordinate cybersecurity professionals
• Strong communication skills, with experience engaging customers, program leads, leadership teams, and engineers to convey complex cybersecurity concepts and strategies

Responsibilities

• Conducting technical security assessments and contributing to the security systems
• Ensuring system security compliance, managing risks, and supporting certification activities throughout the program life cycle
• Working with application leads, system administrators, DBAs, developers, and testers to ensure assigned systems are security compliant and achieve/maintain ATO
• Answering questions to ensure systems are developed with security compliance built in
• Supporting security assessment events and responding to all questions from ISSMs and SCAs
• Developing and maintaining SSPs, POA&Ms, and other required security documentation using XACTA
• Driving IATT and ATO efforts, coordinating with stakeholders, cyber teams, and the Authorizing Official (AO)
• Implementing and validating NIST 800-53 controls in cloud-native DPaaS environments
• Applying Zero Trust principles to secure data services, including identity, segmentation, and flow control