Information Assurance Engineer

About The Position

Requirements

• Requires a Bachelors degree in Engineering, or a related Science or Mathematics field. Also requires 2+ years of job-related experience or a Master's degree.
• Department of Defense TS/SCI security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required.
• Self-directed and self-starting ability.
• Strong written and verbal communication skills.
• Excellent ability to communicate issues, impacts, and corrective actions.
• Strong security mindset and comfortable questioning system behavior inconsistent with key security principles.
• Familiar with NIST SP 800-53 Risk Management Framework (RMF).
• Familiar with Linux and Windows operating systems and their security features.
• Experience with Secure Technical Implementation Guides (STIGs).
• Understanding of the RMF Assessment and Authorization process.
• Strong use and understanding of systems engineering concepts, principles, and theories.
• Works under limited direction.
• Frequent contact with project leaders, other professionals within the Engineering department, project teams, and external customers security professionals.
• Creative thinker and good multi-tasker.
• Strong understanding of Microsoft Office applications.
• Job will require 3-5 days a week on site support at Buckley Air Force Base and periodic site visits to Boulder campus.
• Must have TS/SCI clearance.

Nice To Haves

• Familiarity with cloud-native technologies and authorization (e.g., FedRAMP) is a plus.

Responsibilities

• Supports the development of RMF body of evidence for security requirements, including security plans, security testing plans, Security Control Traceability Matrices, and System Impact Analyses.
• Performs routine security verification tasks using manual and automated methods (Cyber Test Procedures and vulnerability scans).
• Supports the execution of Assessment and Authorization events.
• Collaborates with Development and Test teams to plan, implement, and support the verification of security requirements.
• Actively participates in an Agile team to organize, prioritize, and status work efforts.
• Champions security perspective for decisions related to implementing and verifying security controls in high-security, cloud-native DevSecOps environments.
• Contributes to the achievement of business objectives.
• Recognizes and incorporates various security designs and lessons learned.
• Able to sell concepts and ideas effectively.
• Able to work directly with customers.
• Proficient in reporting relevant cyber systems engineering design.
• Regular contact with senior levels of security workgroups.
• Ability to lead security workgroups.