Senior Cyber Security Engineer

About The Position

Requirements

• Typically requires a Bachelor’s in Science, Technology, Engineering, or Mathematics and a minimum of 5 years of experience.
• Experience in cybersecurity, compliance, and risk management framework.
• The ability to obtain and maintain a U.S. government issued security clearance is required.
• U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
• DoD Clearance: Secret

Nice To Haves

• Experience with security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGs) and USCYBERCOM.
• 2–4 years of hands-on experience in offensive security, reverse engineering, or exploit development.
• Experience with network and system security administration, including operating system security configuration and account management best practices for MS Windows, Red Hat Enterprise Linux, and Cisco Systems.
• DoDI 8570.01-M IAT Level-III Compliant Certification (CISSP, CCNP Security, CISA, etc.)
• Familiar with Ghidra/IDA, x64dbg/WinDbg, Burp Pro; Nmap; Python/C/C#/PowerShell/Bash; Wireshark/Zeek
• Security related Network (e.g. Cisco) and Operating System certification or training.
• Ability to support periodic travel.

Responsibilities

• Define security requirements and design solutions, providing guidance and direction related to security technologies.
• Reverse-engineering Windows/Linux executables (Ghidra/IDA, x64dbg/WinDbg/LLDB, radare2, Frida).
• Code review across at least two families (preferably, C/C++ and Python) to find logic flaws.
• Turn vuln data (Nmap/Nessus/ACAS/SAST) into scoped host and network pentest plans with clear objectives, hypotheses, and success criteria.
• Write actionable reports: risk, reproduction, PoCs, prioritized remediation mapped to CWE/CVSS/ATT&CK.
• Perform analysis on security collected data and test results.
• Identify and implement security design and prepare and maintain engineering and security related documentation.
• Define and develop cybersecurity requirements, design, and architecture artifacts, strategy, plans, and policies.
• Perform and/or provide guidance and oversight on vulnerability assessments, defining, negotiating, and executing Assessment and Authorization (A&A) events.
• Collaborate with program and engineering disciplines and ensure cybersecurity solution alternatives.
• Conduct cybersecurity audits to ensure appropriate implementation and compliance of the security posture developing SSP’s and POA&M’s.
• Define security development and test efforts implementation of security controls of networking devices, databases, operating systems, and hardware and software components.
• Conduct technical and nontechnical trade studies, analysis, reviews identify.

Benefits

• Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays.
• Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement.