Product Security Engineer, Associate

About The Position

Requirements

• Bachelor's degree from an accredited course of study in engineering, engineering technology, computer science, engineering data science, mathematics, physics, or chemistry, and typically 2 or more years of related work experience, or an equivalent combination of education and experience.
• 2+ years of experience performing cybersecurity functions and supporting computer applications in an operational (mission critical) mode.
• 2+ years of experience performing systems administration and/or network administration tasks to include installation and configuration of servers.
• Possess a minimum of (IAT Level 2) CompTIA Security+, or other relevant cybersecurity certifications.
• Ability to collect, organize, synthesize, and analyze data, and summarize findings, conclusions, and recommendations.
• Experience identifying system susceptibility, survivability, and vulnerability.
• Knowledge of system security domains and applicable industry and government guidance and regulations.
• Ability to communicate effectively with technical personnel across multiple disciplines.
• This position requires an active U.S. Secret Security Clearance for which the U.S. Government requires U.S. Citizenship, with the ability to obtain and maintain a final U.S. Top Secret Clearance post-start.

Nice To Haves

• Certified Information Systems Security Professional (CISSP)
• Demonstrated ability to develop creative solutions to technical problems.
• Demonstrated commitment to quality and safety in technical work environments.
• Knowledge of cyber security incident response protocols, including identification, impact assessment, containment, remediation, evidence handling, and technical reporting.
• Knowledge and understanding of risk management methodology and processes, including trade studies and mitigation planning.
• Ability to effectively utilize risk management tools to support program or project execution.
• Knowledge of engineering disciplines applied to product-related systems throughout the product development life cycle.
• Knowledge of various engineering disciplines such as electrical, mechanical, and systems.
• SIPRNet configuration and compliance experience
• SIPR Cyber Operational Readiness Assessment (CORA) audit preparation experience
• Assured Compliance Assessment Solution (ACAS) experience or certification
• Red Hat Linux and Windows workstation/server environments
• VMware ESXi and vCenter experience
• Data Domain and Unity storage experience
• Dell EMC Networker backup experience
• Trellix ePO (ePolicy Orchestrator) experience
• SolarWinds Platform experience
• Splunk experience
• Microsoft SQL Server experience

Responsibilities

• Support the development, implementation, and sustainment of product security and resiliency throughout the requirements, design, build, test, production, operations, and support lifecycle.
• Process and analyze computing and cybersecurity requirements
• Manage and secure DoD information systems ensuring compliance with National Institute of Standards and Technology (NIST) 800-53 and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs)
• Support research and development activities resulting in innovative solutions.
• Develop Plans of Action and Milestones (POAMs) to address meeting cybersecurity requirements
• Participate in a multidisciplinary range of technical systems and application support activities.
• Support the installation, configuration, and maintenance of multiplatform systems hardware, software, and components
• Ensure security of facilities, equipment, tools, data, networks, and resources used for product: design, development, build, test, storage, delivery, operations, and support.
• Troubleshoot secure network architectures
• Assist as needed in system administration and network administration
• Document, implement, and maintain computer applications
• Assist with evaluation of architecture to ensure compatibility with computing system
• Assist in evaluating systems against architectural objectives
• Support the integration of security and resiliency into products and services throughout the lifecycle of the product/service to meet all applicable certifications and customer requirements.
• Support the research, collection, interpretation, test, and analysis of technical data for system-level product security concepts in the projected operational environments to optimize effectiveness over the program lifecycle.
• Support product security risk/attack surface/vulnerability analyses and security audits of applications and application stacks of various provenances.
• Support the analysis, triage, aggregation, escalation, and reporting of relevant product security and anti-tamper data and other information sources for attack indicators and potential security breaches.
• Assist in coordination during incidents.
• Support the correlation and performance of trend analysis.
• Analyze malware and attacker tactics to improve detection capabilities.
• Prepare and present basic technical reports and briefings.

Benefits

• 401k Plan
• Student Loan Match
• health insurance
• flexible spending accounts
• health savings accounts
• retirement savings plans
• life and disability insurance programs
• paid and unpaid time away from work