Job Duties and Responsibilities The Cyber Security Engineer provides engineering support in the dynamic, high-performance and growing Cyber Security ManTech team in Pasadena, CA. Work closely with the Cyber Security Lead to deliver superior cybersecurity support services to the client, and ensure the proper security posture in a high threat environment. The Computer System Engineer will work in a fast-paced, high-performance team environment to ensure the security of endpoint devices and of the client computing environment.
• Assist in ensuring the adequacy of the Security Computing Environment
• Anticipate and provide input into Cybersecurity requirements
• Keep current with evolving and changing cyber security technology and requirements
• Directly assist in the assurance of information security and integrity of client environment by developing, communicating, and applying Best Practices and policy derived security requirements, standards, and tools in the areas of encryption, scanning and intrusion detection, and incident investigation.
• Assist in risk analysis, risk assessments and comprehensive risk management
• Implementing the organizational IT Security requirements / security protective measures Technical, Operational and Management (policy)
• Anticipating and providing substantive input with revisions of the IT security policy
• Developing and maintaining an IT Security Plans for all IT equipment
• Working with client internal Cybersecurity on critical and high security incidents
• Involved in functional and security testing of new, proposed IT products/solutions
• Identify and fixed discovered vulnerabilities and mitigate risks
• Assist with full disk encryption for laptop/notebook computers
• Maintain Key Escrow and perform the organizational Key Escrow processes
• Supporting the organizational PIV-II and PKI implementation and processes
• Performing technical support for Anti-virus cleanup to include onsite or remote
• Interface and integrate with other departments to allow/enforce access controls for authentication, authorization, and large file transfers.
• Perform continuous diagnostic and mitigation (CDM) clients for endpoint monitoring, RES for whitelisting and MIR for forensics
• Possess a some understanding of enterprise IT systems, software development languages, ITIL, ITSM
• Knowledge of fundamental cyber security principles (authentication, authorization, encryption, non-repudiation, etc.)
• Understanding of IT Security and cybersecurity including Windows client/Servers, routers, servers, storage technologies, firewalls, PKI, SSO, IdAM, HPG, etc.
• Understanding of DHS’ Continuous Diagnostic & Mitigation, software patching, cryptography & key management, diagnostic forensics, application whitelisting
• Must have understanding of NIST Cybersecurity Framework, Risk Management Framework (RMF) and SP800-53 controls
• Familiarity with Common Weakness Enumeration (CWE), Common Vulnerabilities and Exposures (CVE), Common Platform Enumeration (CPE), and Common Vulnerability Scoring System (CVSS)
• Excellent time management, written, verbal, and presentation skills
• Must be highly motivated, goal-driven, and results-oriented
• Must be self-disciplined, and possess positive, “get things done” attitude with passion to “take things up a level”
• Self-disciplined and have a positive attitude
• Ability to work with and build relationships with Government officials at all levels
• Knowledge of and experience with NASA domain and computing environment
• Basic knowledge of the NIST Cyber Security Framework, FIPS201-2 and NIST Special Publications (including SP800-37, SP800-61, SP800-62, SP800-73, SP800-78, SP800-137, SP800-144, SP800-157, SP800-160, SP800-161, and SP800-167; plus key Instructions / Policy on cybersecurity and Computer Network Defense issued by the Federal CIO
• Some knowledge of Symantec PGP Full Disk Encryption (FDE), RES whitelisting and FireEye MIR security products
• Possess strategic thinking ability, creativity/innovative ability and systems thinking
• Ability to collaborate with peers in others part of the company for the benefit of ManTech
• Preferred (ISC)2 Certified Information Systems Security Professional (CISSP) or CompTIA Security+ Continuing Education (CE) certification in good standing
• B.S. degree in a computer science, information technology or computer related discipline
• 2 – 4 years IT work experience in a global information technology infrastructure environment.
Must be a U.S. Citizen with an active Top Secret (TS) clearance based upon Single Scope Background Investigation (SSBI) within 5-year scope and approved or previously approved for Sensitive Compartmented Information (SCI) access
Qualifications Program Requirements include Bachelor's degree or equivalent and two to four years of related experience. Minimum of six months experience in technology/tools specific to the target platforms.