Cyber Systems Engineer – Level 3 or 4
Fairfax, Maryland, United States of America
Full Time
2 weeks ago
$119,600 - $234,600 USD
No Visa Sponsorship
Key skills
Cyber SecuritySDLC
About this role
Role Overview
- Support the architecture and design of baked in cybersecurity requirements and protections
- Plan, implement, and perform assessment of allocated security controls, policies, and processes compliance
- Translate allocated security controls into system and segment level requirements
- Provide cybersecurity system engineering implementation guidance and oversight to technical teams/implementers
- Review and Assess stakeholder security objectives, protection needs and concerns, security requirements, and associated verification/validation methods
- Provide security considerations to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences
- Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions
- Author, support and maintain cybersecurity program documentation & RMF package documentation: Cybersecurity Strategies, System Security Plans, Continuous Monitoring of all Program assets, Plans, Risk Assessment Report, Security Control Traceability Matrix, etc.
- Document findings (POA&M’s) and perform scanning/assessment tasks on Program assets
Requirements
- Bachelor's degree with 5 years of relevant experience; Master's degree with 3 years of relevant experience; PhD with 0 years of relevant experience
- Active Top Secret/SCI and Full-Scope Poly security clearance required at time of application
- Possession of Security+ Certification or Certified Information Systems Security Professional (CISSP) Certification
- Direct experience developing RMF assessment and authorization documentation
- Direct experience with Security Technical Implementation Guides (STIGs)
- Experience with RMF (NIST 800-37) accreditation functions, including documentation, scanning, assessment, Plan of Action and Milestones (POAM) management, and all steps of the RMF process
- Direct experience assessing the Program's system security posture in compliance with customer requirements and directives
- Experience with requirements development & derivation from allocated controls, system integration & test and validation and verification
- Experience developing Security CONOPs and SSPs
- Experience with integrating Cyber Systems Engineering requirements with Program System Development Life Cycle (SDLC) initiatives
- Ability to communicate clearly and collaborate with both internal teams, internal management and external customers
Tech Stack
- Cyber Security
- SDLC
Benefits
- Health insurance coverage
- Life and disability insurance
- Savings plan
- Company paid holidays
- Paid time off (PTO) for vacation and/or personal business