Manager, Info Security Systems Engineer TS/SCI - Boulder, CO

About The Position

Requirements

• Bachelor’s Degree and a minimum of 9 years of prior relevant experience, or
• Graduate Degree and a minimum of 7 years of prior related experience, or
• In lieu of a degree, minimum of 13 years of prior related experience.
• Minimum of active Top Secret/SCI security clearance required, with polygraph is highly desired.
• Must be able to obtain and maintain an appropriate DOD 8140 certification for the position within 6-months of start.
• Prior or current experience with the development and implementation of  Anti-Tamper (AT) for the protection of CPI throughout the System Development Lifecycle.

Nice To Haves

• Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC
• Professional experience with RMF (Risk Management Framework) in embedded systems.

Responsibilities

• Lead the development and implementation of Anti-Tamper (AT) measures throughout the System Development Lifecycle.
• Serve as a Subject Matter Expert (SME) in the area of AT.
• Assess systems for Critical Program Information (CPI).
• Conduct trade studies and develop AT requirements.
• Assess threats via attack/countermeasure analysis.
• Conduct Verification and Validation activities.
• Use DoD 5200.39 for the identification and protection of CPI.
• Engineer trustworthy and secure systems in accordance with NIST 800-160.
• Develop and implement comprehensive Program Protection Plans (PPP) to safeguard critical program information (CPI) and technologies.
• Draft Program Protection Plans (PPPs), Cybersecurity Strategies, Security Classification Guides (SCGs), and AT Plans.
• Interact with customers to define AT requirements, solutions, trades, costs, implementation, system impacts, and effectiveness.
• Collaborate with customers, internal program teams, and leadership to address program needs.
• Mentor and develop junior engineers.
• Provide DoD software selection and approval processes for COTS, GOTS, and FOSS.
• Support security engineering activities, including basis of estimate development, requirements development, design, testing, configuration management, and maintenance of information systems and data.
• Assist program security in the development of policies and procedures for emerging security technologies.
• Support the evaluation, qualification, testing, and delivery of security architecture improvements, obsolescence replacements, and vulnerability response projects.
• Provide Security Testing and Verification.
• Interact with customers, internal program team, and leadership the needs.
• Assess security and privacy controls in embedded systems using NIST 800-53.
• Utilize Risk Management Framework (RMF) accreditation and authorization (A&A) processes to include RMF steps 1-4 (categorization, controls selection, control implementation, security assessment) and standard body of evidence (BoE) package development.
• A&A package processing.
• Provide DoD software selection and approval processes for COTS, GOTS and FOSS.
• Support security engineering activities, including basis of estimate development, requirements development, design, test, configuration management and maintenance of information systems and data.
• Assist program security in the development of policies and procedures for emerging security technologies.
• Support the evaluation, qualification, testing and delivery of security architecture improvement, obsolescence replacement and vulnerability response projects.
• Provide Security Testing and Verification.

Benefits

• health and disability insurance
• 401(k) match
• flexible spending accounts
• EAP
• education assistance
• parental leave
• paid time off
• company-paid holidays