Senior Information Assurance Engineer

About The Position

Requirements

• Requires a Bachelors degree in Engineering, or a related Science or Mathematics field.
• Also requires 8+ years of job-related experience, or a Master's degree plus 6 years of job-related experience.
• Department of Defense TS/SCI security clearance is required at time of hire.
• Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.
• Due to the nature of work performed within our facilities, U.S. citizenship is required.
• Self-directed / self-starting ability
• Considerable written and verbal communications skills
• Excellent ability in communicating issues, impacts, and corrective actions
• Strong security mindset and comfortable questioning system behavior that is inconsistent with key security principles
• Familiar with NIST SP 800-53 Risk Management Framework (RMF)
• Familiar with Linux and Windows operating systems and their security features
• Experience with Secure Technical Implementation Guides (STIGs)
• RMF Assessment and Authorization process
• Strong use and understanding of systems engineering concepts, principles, and theories
• Strong written and verbal communications skills
• Strong understanding of Microsoft Office applications
• Must behave TS/SCI clearance

Nice To Haves

• Familiarity with cloud native technologies and authorization (e.g. FedRAMP) is a plus

Responsibilities

• Supports the development of RMF body of evidence for security requirements including items such as security plans, security testing plans, Security Control Traceability Matrices, and System Impact Analyses.
• Performs routine security verification tasks using manual and automated methods (Cyber Test Procedures and vulnerability scans)
• Supports the execution of Assessment and Authorization events
• Works with Development and Test teams to plan, implement, and support verification of security requirements
• Actively participates in an Agile team to organize, prioritize, and status work efforts
• Champions security perspective for decisions related to implementing and verifying security controls in high security, cloud native DevSecOps environments.
• Contributes to the achievement of business objectives
• Recognizes and incorporates various security designs and lessons learned
• Able to sell concepts and ideas
• Effective in communicating issues, impacts, and corrective actions as they affect the cyber design and implementation
• Strong ability in reporting relevant cyber systems engineering design
• Regular contact with senior levels of security work groups
• Ability to lead security work groups
• Works under limited direction
• Contact with project leaders and other professionals within the Engineering department and with project teams
• Frequent contact with the external customers security professionals
• Creative thinker, good multi-tasker