Key skills
Cyber SecurityAgileLeadershipCommunicationTrivySonarQubeCheckmarx
About this role
Role Overview
- Work closely with technical teams to implement secure system improvements that meet DoD cybersecurity standards.
- Monitor and evaluate project progress, providing actionable reports to leadership and government officials.
- Communicate with team, customers, and stakeholders in a clear, concise, timely, and professional manner.
- Manage and maintain security authorization packages within the DoD RMF lifecycle
- Ensure the confidentiality, integrity, and availability of systems through compliance with NIST 800-53 controls and DoDI 8500 series
- Draft and maintain documentation including System Security Plans (SSPs), POA&Ms, and Continuous Monitoring strategies
- Support system assessments, vulnerability scanning, and remediation efforts using tools like SonarQube, Checkmarx, Trivy, Dependency Track, eMASS, and Nessus
- Support system assessments, vulnerability scanning, and remediation efforts relating to DISA STIGs
- Interface with government security officials (e.g., ISSMs, AO representatives) to support audits, inspections, and reviews
- Coordinate security engineering input into system designs and control implementation
- Track and respond to cybersecurity incidents and ensure timely reporting and recovery efforts
- Participate in Agile/DevSecOps development cycles, ensuring security is integrated from concept to deployment
- Assist with personnel security awareness, training, and insider threat mitigation
- Commute as needed to the nearest secured facility to perform duties in a higher environment.
Requirements
- US Citizen
- Bachelor’s degree in Information Science, Engineering, Computer Science, Technology Management, or a degree in a closely related field
- 3+ years of experience in Cyber Security, preferably within a DoD or government contracting environment.
- An advanced degree may substitute for two years of required experience
- Industry certification such as Security+ CE, CISSP, CISM, or CAP (Security+ is a DoD 8570 baseline requirement)
- Hands-on experience with RMF steps, security control implementation, and continuous monitoring
- Proficient with tools such as SonarQube, Checkmarx, Trivy, Dependency Track, eMASS, Nessus, and DISA STIGs
- Familiarity with Air Force cybersecurity policies and standards, including AFMAN 17-1301
- Familiarity with Federal cybersecurity compliance work
- Very good verbal and written communication skills
- An Interim Secret or Secret Clearance to start
Tech Stack
- Cyber Security
Benefits
- competitive pay
- comprehensive health, dental, and vision insurance
- paid life insurance
- paid time off
- 11 paid holidays
- performance bonuses
- tuition reimbursement
- unlimited training
- opportunity to thrive in a collaborative, flexible, and innovative environment