Senior Cyber Security Engineer

About The Position

Requirements

• Bachelor’s degree with 5+ years of experience (or equivalent experience)
• Experience with RMF, A&A, POA&M, and ATO documentation (XACTA/eMASS)
• Experience securing Linux and Windows systems, STIGs, patching, and system hardening
• DoD 8570 IAT Level II or higher certification (e.g., Security+, CySA+, CISSP)
• Active or Current (within two years of active) Top Secret Security Clearance with SCI eligibility
• Hands-on vulnerability scanning and compliance tracking (ACAS, IAVM)
• Knowledge of NIST 800-series publications and incident response processes
• Strong analytical, communication, and collaboration skills
• Ability to work independently and yet be effective within a team setting
• Must be capable of managing multiple efforts with time-related constraints in a fast-paced contracting environment
• Demonstrated ability to effectively communicate and collaborate with diverse internal and external stakeholder groups and individuals
• Friendly presence, helpful attitude, good interpersonal skills, and ability to work well with others.
• Excellent skills in Microsoft Word, Excel, and other Office applications
• Proficient with Microsoft Office Applications, and experience working in a home office setting, as well as the ability to train end users on frequently asked technical issues.
• Ability to provide technical assistance and support over the phone; good phone skills, professional demeanor, and previous customer service experience strongly desired.
• Good problem-solving skills; ability to visualize a problem/situation and think abstractly to solve it

Nice To Haves

• Scripting or development experience (Python, Java, React)
• DevSecOps tools and pipeline experience
• Experience with Linux (Red Hat/CentOS), databases, web apps, or big data platforms
• Familiarity with Agile environments and tools (Jira, Confluence)
• Experience with NIST SP 800-171 and System Security Engineering (SSE)

Responsibilities

• Applying RMF processes to support system Assessment & Authorization (A&A), including control selection, implementation, assessment, and continuous monitoring
• Developing, reviewing, and maintaining security documentation such as SSPs, POA&Ms, SARs, and ATO artifacts in tools such as XACTA or eMASS
• Conducting vulnerability assessments and compliance scans (e.g., ACAS) and tracking remediation of findings and IAVM requirements
• Implementing and validating security controls aligned with NIST 800-53, CNSSI 1253, and related DoD guidance
• Supporting system hardening, patching, and configuration management in compliance with STIGs for Linux, Windows, and network devices
• Monitoring systems for security events and supporting incident response and risk mitigation activities
• Assessing security impacts of system changes and supporting configuration control boards (CCBs)
• Collaborating with system engineers, administrators, and DevSecOps teams to integrate security throughout the system lifecycle
• Providing cybersecurity risk input to program leadership, Authorizing Officials (AOs), and stakeholders
• Other duties as assigned

Benefits

• professional development
• well-being programs