Cybersecurity Engineer

Johns Hopkins Applied Physics Laboratory•Laurel, MD

1d•Onsite

About The Position

This role contributes technical expertise to U.S. strategic deterrence, protecting the Nation from highly capable and motivated nation-state adversaries. The position involves shaping and conducting a varied portfolio of activities, such as cybersecurity assessments, resilience engineering, threat intelligence, and program protection, to protect U.S. Navy and Air Force deterrence programs and systems. The successful candidate will develop innovative approaches to address critical challenges in defending the U.S. and its allies. The role is within the System Realization and Resilience Group (KBR) within the Force Projection Sector at Johns Hopkins University Applied Physics Laboratory (APL) in Laurel, MD. The team is responsible for enabling the realization of strategic systems, ensuring resilience and specialty disciplines are integrated throughout system development, and supporting credible verification of strategic weapon systems. They lead efforts in systems engineering, system security engineering, cybersecurity, test and integration, digital engineering, nuclear command and control, and reliability engineering. The experienced Cybersecurity Engineer will join a mission-focused multidisciplinary team of engineers and scientists to conduct hands-on vulnerability assessments, working with the Government and its contractors to identify and prioritize mitigations to address assessment findings based on a deep understanding of mission objectives and operational constraints. The team focuses on integrating security and resiliency considerations into system architecture and development from the outset and fosters an environment of creativity and boldness.

Requirements

Possess a Bachelors in Computer Science, Computer Engineering, Cybersecurity, Information Assurance, or a related quantitative field.
Have 3+ years of hands-on experience with two or more of the following: penetration testing, red teaming, software reverse engineering, malware analysis, exploit development, system security engineering, secure system design, software development.
Able to pursue complex technical threads deeply, yet step back to keep focus on the wider mission context and constraints.
Experienced in adapting to new systems, stakeholders, and missions, using structured inquiry and creative reasoning to proactively define next steps.
Have experience writing technical documents and presenting technical information to non-technical audiences.
Can obtain an Interim Secret security clearance by your start date, and can ultimately obtain a Top Secret clearance.
Eligibility requirements include U.S. citizenship.
Willing and able to travel periodically to government, contractor, and/or other agency sites up to 25% of the time.

Nice To Haves

Have 8+ years of hands-on experience with three or more of the following: penetration testing, red teaming, software reverse engineering, malware analysis, exploit development, system security engineering, secure system design, software development.
Are equally comfortable talking with software engineers, system architects, mission operators, and senior leadership.
Have experience in assembling and leading multi-disciplinary teams, particularly drawing from different organizations with different business cultures.
Have an active Top Secret clearance.

Responsibilities

Develop a deep, layered understanding of mission objectives, system architecture, system component functionality, and operational environments through document synthesis and SME engagement.
Support hands-on cybersecurity assessments through vulnerability research, direct testing, configuration analysis, and penetration testing of hardware, software, and networks.
Participate in the development and execution of test plans, data collection, and analysis of assessment results.
Document technical findings clearly and consistently to communicate them to external organizations and stakeholders.
Work within multidisciplinary and cross-organizational teams to interpret technical vulnerabilities, system findings, and prioritize mitigations or compensating engineering activities in light of mission priorities and operational constraints.
Work closely with external organizations responsible for developing the systems of interest to understand the item being developed, its mission context, and ensure early consideration of security and resilience perspectives.
Practice technical diplomacy to facilitate the communication of ideas across technical, operational, and organizational domains.