$80K — $100K *
You will be responsible for designing, developing, and implementing security controls to preserve the confidentiality, integrity and availability of information systems.
Assist in successfully integrating security configuration procedures and tools on Linux and Windows platforms. This includes evaluating requirements, selecting/implementing security controls, reviewing installation procedures, conducting verification and validation of test procedures and script changes, tailoring and configuring security controls for specific product using automation, security assessment plan preparation, test procedure preparation, test execution and reporting, performing security vulnerability assessments using Assured Compliance Assessment Solution (ACAS), and performing SCAP security assessment/configuration.
Identify issues and recommend solutions for the integration team, customers, and suppliers.
Perform Assessment and Authorization (A&A) activities with various government authorities and certification agents to obtain and maintain official Authorization to Operate (ATO) or Interim Authorization to Test on Enterprise and Platform IT (PIT) systems.
Cybersecurity Engineer / Information Assurance Engineer will provide secure coding guidance and input to the software development team to minimize programmatic vulnerabilities. Knowledge of any Static Code Analysis (SCA) tools (e.g., Coverity, Klockwork, SonarQube, etc) is considered a big plus.
1. Minimum of current Secret clearance to start
2. Bachelor’s degree in Cybersecurity, Computer Science, Computer Engineering, or related engineering field
3. Experience in RedHat Linux as a power user (i.e., knowledgeable of some UNIX admin commands and functions)
4. Knowledge of remediation methods using various cybersecurity controls for systems and networks
5. Excellent written and verbal communications skills
6. Familiar with risk management framework (RMF) process and experience responding to data call requests in support of an Authority to Operate (ATO)
1. Experience with or knowledge of the Risk Management Framework (RMF) and the DOD Information Assurance Certification & Accreditation Process (DIACAP) methods
2. Software development experience in Java or C++ and/or system administration experience in RedHat Linux
3. Experience with automation using Python or other tools
4. Experience using automated static analysis tools along with manual code review
5. Familiarity with high-performance/cloud computing using containerization
6. Knowledge of DBMS and SQL (i.e. Oracle Database, PostgreSQL)
7. Understanding of encryption concepts. Ability to communicate secure coding concepts and identify potential software defects/flaws
8. Familiarity with using Bash/Shell to produce hardening scripts and workable knowledge of using utilities such as SCAP and ACAS to identify system vulnerabilities
9. Experience in application and OS hardening using Puppet modules and/or Ansible Playbook scripts
10. Risk Management Framework planning and implementation working experience is considered a plus
11. CISSP or Security+ certification or the pursuit thereof is a plus
Valid through: 11/8/2020
$80K — $100K
9 days ago