Cyber Security Engineer

• Designing, testing, and implementing secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
• Conducting risk and vulnerability assessment at the network, system and application level.
• Conducting threat modeling exercises.
• Developing and implementing security controls and formulating operational risk mitigations along with assisting in security awareness programs.
• Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
• Researching, evaluating and recommending new security tools, techniques, and technologies and introducing them to the enterprise in alignment with IT security strategy. 
• Utilizing COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions.
• Assisting in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and making recommendations on process tailoring.
• Performing analyses to validate established security requirements and recommending additional security requirements and safeguards. 
• Supporting the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Periodically conducting a review of each system's audits and monitoring corrective actions until all actions are closed.
• Supporting cyber metrics development, maintenance and reporting.
• Providing briefings to senior staff.

Required Qualifications:

• 5+ years of experience with Deployment and Maintenance of Cyber Security solutions within a DoD Environment
• 3+ years of experience utilizing the Risk Management Framework in support of obtaining a Authority to Operate
• 1+ years of experience of IaC and CaC development with Terraform and Ansible 
• Hands-on with eGRC tools like: eMASS, XACTA, RSA Archer, etc.
• Experience with Space Force risk management policies/procedures, to include, Fast Track ATO Handbook & AF Continuous ATO Playbook
• Ability to clearly articulate ideas for executive level consumption
• Ability  to use prior experience and knowledge to address new situations; especially during interactions with clients
• Ability  to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions
• Must have IAT II Certification
• B.A. or B.S. Information Security, Computer Science  or related discipline
• US Citizenship and an active Secret Security Clearance

Desired Qualifications:

• Previous experience supporting Department of Defense
• Experience evaluating information security compliance against STIGs