Design hardware, operating systems, software applications and secure interfaces to meet cybersecurity requirements across information systems, physical systems and embedded technologies.
Perform risk analysis (threat, vulnerability and probability of occurrence) when applications or systems undergo major changes and develop mitigation strategies for cost, schedule, performance and security risks.
Conduct security reviews to identify gaps in architecture, recommend security changes to system components and incorporate vulnerability solutions into system designs.
Design, develop, integrate and update system security measures that support confidentiality, integrity, availability, authentication and non-repudiation.
Develop detailed security design documentation for components and interfaces, including functional descriptions of security implementation and keep documentation current.
Identify components and elements, allocate security functions and describe relationships between system elements; trace requirements to design components and perform gap analysis.
Implement security designs for new or existing systems and direct remediation of technical issues discovered during testing and implementation (including interoperability and protocol issues).
Develop and direct system testing and validation procedures and documentation; analyze test data and translate results into evaluative conclusions.
Identify, assess and recommend cybersecurity or cybersecurity-enabled products for system use, ensuring compliance with organizational evaluation and validation requirements.
Provide input to implementation plans, SOPs, RMF process activities and documentation and support security/certification test and evaluation activities.
Build, test and modify prototypes using working or theoretical models; use models and simulations to predict performance under different operating conditions.
Verify stability, interoperability, portability and scalability of the system architecture and security design.
Requirements
7+ years of relevant experience
Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking
Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.
Deep expertise in information security systems engineering principles, specifically NIST SP 800-160 and the application of security models such as Bell-LaPadula, Biba and Clark-Wilson.
Proficiency in enterprise architecture methods (e.g., TOGAF, DoDAF, FEAF) and secure configuration techniques, including STIGs and CIS best practices.
Mastery of network security architecture (defense-in-depth), traffic flow analysis (TCP/IP, OSI model) and identity management protocols (PKI, Oauth, SAML, SPML).
Advanced knowledge of firewalls, DMZs, encryption algorithms and access authentication methods across both standard and specialized (ICS/SCADA) environments.
Skill in applying mathematics (linear algebra, statistics, calculus, operational analysis) and Information Theory to solve problems in data compression, resiliency and system performance.
Strong understanding of PII and PCI data security standards, alongside the legal and ethical policies governing cybersecurity and privacy.