Principal, Cyber Security Engineer

About The Position

Requirements

• Ability to obtain a DoD security clearance.
• Bachelor of Science Degree in Engineering, Computer Science or Information Systems.
• Fifteen (15) years in cyber security to include: Maintained the information security activities to preserve the availability, integrity, and confidentiality of information resources in compliance with applicable security policies and standards.
• Experience performing cybersecurity requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, and systems hardening.
• Demonstrated experience supporting Risk Management Framework (RMF)/ FedRAMP system certification.
• Demonstrated ability to take initiative and work independently and quickly transition to reassess priorities.
• Must have Security+ certification.

Nice To Haves

• Active DoD security clearance.
• Knowledge of the system development life cycle, software project management approaches and requirements, design and test techniques including experience working in a DevOps/DevSecOps delivery environment.
• Experience in mentoring/training/coaching others in technical concepts.
• Adapts quickly to new situations, is willing to learn new technologies and works well in a team environment, leading individual projects without the need for supervision.

Responsibilities

• Evaluate, develop, and implement cybersecurity code review solutions within current business processes to optimize efficiencies in collaboration with software developers.
• Identify methods to collect, analyze, and manage data with the goal of making recommendations to accelerate the Risk Management Framework process within a DevSecOps environment.
• Conduct vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning and provides analytical support for security policy development and analysis.
• Evaluate incident response procedures and capabilities through Red Team exercises.
• Exploit system and network vulnerabilities and misconfigurations for the purpose of gathering data from target or adversary automated information systems or networks and to enable operations and intelligence collection capabilities.
• Monitor, analyze, and detect Cyber events and incidents within information systems and networks.
• Plan, implement, manage, monitor and upgrade security measures for the protection of the organizations data, systems and networks.
• Develop security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments; develop cloud service provider testing approach from security perspective.
• Evaluate the performance and applicability of software code review tools against customer and client requirements.
• Foster collaborative business relationships with stakeholders, business partners, and team members.
• Assist in the training and development of the command workforce to increase the ability to produce secure software code.

Benefits

• Competitive pay and benefits, including PTO.
• Education stipends and referral bonuses.
• Compelling work with the U.S. federal government.
• Strong emphasis on volunteer and community engagement.
• Opportunity to shape the future of our industry.
• Supportive colleagues and management who invest in your growth.