Job Type
Full-time
Description
NexGen Data Systems is seeking a highly skilled Cybersecurity Engineer to perform complex baseline verification, vulnerability management, and infrastructure monitoring for USTRANSCOM. The scope of this project involves executing weekly automated vulnerability assessments, tracking system availability baselines, and implementing continuous monitoring configurations to protect combatant command enclaves. The Cybersecurity Engineer will be responsible for evaluating system configuration drift, orchestrating disaster recovery exercises, validating security logs across Windows and Linux environments, and supporting DevSecOps and Zero Trust architectural engineering initiatives.
Roles & Responsibilities- Conduct in-depth security audits and weekly automated network vulnerability scans utilizing ACAS and Nessus tools.
- Maintain strict configuration status accounting for security baselines, generating Configuration Status Accounting (CSA) Reports to stop unauthorized drift.
- Monitor the command's Information Assurance Vulnerability Management (IAVM) alerting pipeline, mapping findings to specific system components.
- Build and maintain system resilience protocols by conducting periodic Continuity of Operations (COOP) and Disaster Recovery (DR) test exercises.
- Interface with the USTRANSCOM SOC to ensure automated ACAS and HBSS/ESS data feeds are active, continuous, and properly correlated.
- Write and maintain automated remediation scripts (such as PowerShell or Bash) to rapidly close configuration gaps within enterprise server structures.
- Evaluate CI/CD pipeline control gates, assessing tenant applications against the DoD Container Security SRG before production deployment.
- Support DevSecOps automation by reviewing security control gates, conducting container vulnerability scanning, and assisting in the validation of Infrastructure-as-Code (IaC) manifests.
- Assist in Zero Trust architectural engineering, including validating custom ZT overlays and mapping legacy network transaction flows.
Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
Requirements
Desired/Required Skills:- Clearance Required: Active Department of Defense Top Secret/SCI (Tier 5 Investigation) required.
- Location: On-site at Scott Air Force Base (AFB), IL.
- Education: Bachelor's degree in Computer Science/Engineering OR 5 years' experience with an active technical certification.
- REQUIRED Cyber Baseline: Active DoD 8570.01-M / DoDM 8140 IAT Level II baseline certification (e.g., Security+ CE, CySA+, or CCNA Security).
- REQUIRED Computing Environment: Active Tenable Certified Nessus Auditor or official ACAS Administrator certification.
- REQUIRED Foundational Qualification: Defense Cyber Crime Center (DC3) Cyber 101 course completion.
- 6-9 years' relevant systems administration and engineering experience in a routed/switched DoD enterprise environment.
- Hands-on expertise configuring and hardening host operating systems (Windows Server, Red Hat Enterprise Linux) against DISA STIGs.
- Clear understanding of boundary defenses, firewalls, routers, and host-based security systems (HBSS/ESS).
Benefits:- Company covers 100% of premiums for the employee's medical, dental, and vision insurance and subsidizes premiums for spouse and dependents.
- Company provides short and long term disability plans.
- 401(k) match up to 10% of the employee's salary contributions to 401(K) plan.
- Comprehensive training and development program.
- 11 paid holidays and paid time off (PTO) accrual level starts at 15 days annually.
