We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
SOC LLC jobs

Cyber Security Engineer Information Technology

SOC LLC
United States, Virginia, McLean
Nov 05, 2024
Senior Cyber Security Engineer - TS/SCI - McLean, VA

As a Cyber Security Engineer you will provide support to the program Information Systems Security Engineer lending their expertise on security requirements governing design, implementation, and deployment of customer high performance compute, storage and network infrastructures. While the program Information System Security Engineer (ISSE) serves as a focal point to customer Accrediting Officials and primary advisor to the program Chief Engineer on security-related design attributes and policies affecting the accreditation of the customer's infrastructure, the Cyber Security Engineer will be involved in the implementation and execution of security controls, certification test plans, and other activities needed to achieve and maintain system Authority to Operate. The Cyber Security Engineer may also provide COMSEC support and systems integration on-site support, where on-site could be Northern VA area or at the data center location.

The Cyber Security Engineer implements and maintains information security controls associated with development, delivery, and continuous monitoring of complex, high performance, mission critical information technology systems. The Security Engineer will support the program's Lead ISSE in achieving Risk Management Framework milestones leading to Authority to Operate. Specific activities include, but are not limited to:

  • Support program ISSE to Identify project security requirements, based on RMF or as the result of security issues that put the customer's systems at risk.
  • Review and analyze new system hardware and software and provide recommendations

    • concerning system security.


  • Participate in network design reviews and security testing for the customer's networks.
  • Coordinate with system development teams to ensure network security standards are followed and implemented correctly.
  • Support the program ISSE in coordinating activities between engineers, program representatives, DAOs, ISSO, and other stakeholders involved in accreditation and authority to operate/connect processes.
  • Review applicable document/artifacts, such as Security Requirements Traceability Matrixes (SRTMs), System Security Plans (SSPs), Disaster Recovery (DR) and other IA documentation for completeness. Provide recommendations to improve.
  • Monitor and coordinate Continuous Monitoring (ConMon) activities for weekly, monthly, quarterly and annual controls
  • Provide guidance and support to projects requiring ICD 503 A&A, including deployments to both standard NRO networks and containerized (Kubernetes) IC Cloud environments.
  • Work closely with Computer and Facility Security Offices to ensure NISPOM Chapter 8

    • and ICD 503 requirements are compliant across multiple network platforms.


  • Support all phases of the A&A System Security Engineering life cycle to include Software assessments / approvals, system hardening, creation of system CONOPs, test plans, and development of System Security plans.
  • Prepare security documentation including RMMs, SCL, SSP and CTPs.
  • Assist engineers and development team with securing solutions to STIGs and other standards.
  • Optimize security documentation and visibility using tools such as NESSUS, HBSS, NetWitness and/or others.
  • As required, maintain Government-provisioned Communications Security (COMSEC).



Education & Experience Qualifications.


  • Bachelor's Degree in computer science, networking, systems engineering or security related fields. Work experience in relevant fields may be considered for equivalency.


  • 5+ years of experience in system security certification and accreditation to include system hardening.
  • Understanding/experience with Linux security, virtualization security, container (Kubernetes) security, or network security.
  • Familiarity with open source code.
  • Current eligibility (favorable adjudication) for Top Secret//SCI access.
  • Sec+ certification



Desired Skills and Certifications.

  • CISSP (DOD 8570) or equivalent
  • Familiarity with security accreditation-related documentation.
  • Troubleshooting, root cause assessment and POA&M development.
  • ITIL Foundations.
  • Familiarity with tools including Nessus and Splunk.
  • Experience with crypto, COMSEC handling
  • Familiarity with, and access to, Iron Mountain Data Center facilities.
  • Prior experience with Kubernetes, ansible, or other system languages, scripting, custom Python or Javascript-based applications
  • Experience with accrediting systems with open source code
  • Experience with automated tools



Desired Personal Traits.

  • Ability to work independently and as part of a team.
  • Superior organizational and time management skills.
  • Excellent communication and interpersonal skills.
  • Ability to develop, document, implement and communicate complex plans.
  • Ability to identify, analyze and mitigate risks.



Employment Pre-requisites

The following requirements must be met to be eligible for this position: successful completion of a background investigation, d rug urinalysis, and verified compliance with Executive Order 14042, Ensuring Adequate COVID Safety Protocols for Federal Contractors.

SOC, a Day & Zimmermann company, is an Equal Opportunity Employer, EOE AA M/F/Vet/Disability

Estimated Min Rate: $70.00

Estimated Max Rate: $90.00
Applied = 0
MORE JOBS LIKE THIS

(web-69c66cf95d-jtnrk)