Cybersecurity Project Engineer

Nightwing

$90K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in cybersecurity roles
  • Strong understanding of network security principles
  • Experience with security tools (firewalls, IDS, anti-malware)
  • Knowledge of operating systems and security configurations
  • Familiarity with NIST and ISO security standards
  • Ability to identify and assess security vulnerabilities
  • Excellent communication and interpersonal skills

Responsibilities

  • Support the LSA to design and deploy security controls for a multi-tenant environment
  • Collaborate with Platform and Operations teams on security control integration
  • Conduct risk assessments and identify vulnerabilities in systems
  • Develop templates/tools for automating security control deployment
  • Facilitate meetings to analyze authorization documents and identify gaps
  • Review program-level documentation for security compliance
  • Conduct hands-on security testing and recommend countermeasures

Benefits

  • Collaborative work environment with passionate individuals
  • Opportunity to engage in innovative projects
  • Career growth in a rapidly developing field
  • Involvement with diverse cybersecurity challenges
  • Contribution to national security and intelligence efforts
Full Job Description
Job Title: Cybersecurity Project Engineer Location: Sterling, VA Clearance: TS/SCI Poly **This position is CONTINGENT upon contract award** The Cyber Security Project Engineer (CSE) supports the LSA to identify, design, and deploy security controls and subsystems to support the on-premises secure multi tenant infrastructure environment (CUSTOMER). The CSE collaborates with the Platform and Operations teams to integrate security controls into the IaaS environment. The CSE discovers and mitigates cybersecurity risks, assess the security controls implemented within and inherited by the system, understand and apply policies to address requests for information on cyber best practices, conduct risk assessments for specialized devices, and provide information system security expertise. Collaboratively works closely with Platform and Operations teams, Sponsor, Information System Security Officers and Managers, as well as the Authorizing Officials (AO) to conduct comprehensive CNSSI 1253 and NIST SP 800-53a assessments of the management, operational, and technical security controls. Daily tasks include, but are not limited to: - Work with LSA, technical team to develop template/tools for automating the deployment of security controls in the CI/CD pipeline and the continuous automated/enhanced assessments or O&M of vulnerability scan tools - Facilitates meetings, analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with team stakeholders. - Review and make recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans and security plans). - Identify and recommend mitigations for potential avenues of exploitation, including system level attacks and user level attacks. - Advises and assists with the Lifecycle Assessment and Authorization (A&A) process and development of Systems Security Plan (SSP) - Develops and documents security evaluation test plans and procedures - Develops SCA artifacts, including the Security Assessment Plan (SAP), Security Assessment Reports (SAR), and Remediation Actions - Experience with developing Plans of Action and Milestones (POA&Ms), including providing risk mitigation strategies, steps, and milestones. - Conducts hands on security testing, analyzes results, documents risks, and recommends countermeasures - Applies working knowledge of Industry Best Practices (e.g. SANS Top 20) National/International policies and standards and how they relate to the A&A process - Applies working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the A&A process - Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation Required Skills: - Strong understanding of network security principles and technologies. - Experience with security tools and technologies (e.g., firewalls, intrusion detection systems, anti-malware software). - Knowledge of operating systems and their security configurations. - Familiarity with security protocols and standards (e.g., NIST Framework, ISO 27001). - Ability to identify and assess security vulnerabilities. - Strong problem-solving and analytical skills. - Excellent communication and interpersonal skills. - Ability to work independently and as part of a team. - Experience with scripting and automation. Desired Skills: - Experience with cloud security (e.g., AWS, Azure, GCP). - Knowledge of security information and event management (SIEM) systems. - Experience with incident response and forensic analysis. - Familiarity with various security frameworks (e.g., SCDO, OWASP). - Experience with ethical hacking techniques. - Experience with scripting languages (e.g., Python, PowerShell). - Ability to create and maintain security documentation. Desired Certs: - One or more of the following: CompTIA Security+, CISSP, CISA, CISM, CCSP, SSCP, GIAC Security Essentials

Similar Jobs

More Jobs at Nightwing

  • Test Engineer
    $90K — $120K *
    Sterling, VA 20164 (Loudoun County)
    Information Technology
    In-Person
  • Infrastructure Engineer
    $90K — $130K *
    Sterling, VA 20164 (Loudoun County)
    Information Technology
    In-Person
  • Business Process Tech Consultant (ServiceNow)
    $90K — $130K *
    Sterling, VA 20164 (Loudoun County)
    Technical Services
    Hybrid
  • Systems Engineer
    $90K — $130K *
    Sterling, VA 20164 (Loudoun County)
    Information Technology
    In-Person
  • Storage Engineer
    $90K — $130K *
    Sterling, VA 20164 (Loudoun County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Cybersecurity Project Engineer jobs: