Parsons Corporation is seeking a Senior Cybersecurity Engineer to join their Cyber & Intelligence team supporting DCSA partners. The role involves developing secure configurations for DevSecOps environments, ensuring compliance with NIST standards, and protecting projects from evolving threats.
Responsibilities:
- Work closely with system designers, operators, as well as industry to design security into products, develop new standards, and highlight requirement gaps
- Design and conduct risk assessments to ensure capabilities are integrated properly without threat to the systems’ security posture
- Generate cybersecurity functional requirements during design reviews and support the agile development of systems and capabilities
- Develop and execute, security-centric test and evaluation procedures and document results
- Troubleshoot and investigate system configurations, patches, security scan findings
- Identify and update security and virus scan definitions to determine integration strategies and baseline impacts
- Review Security Technical Implementation Guide (STIG) findings and ensure all systems and capabilities remain compliant
- Provide support to the Assessment and Authorization (A&A) Risk Management Framework (RMF) with processes established in DOD Instruction 8510.01 on all client managed systems, to ensure the valid and accurate review of all associated documentation
- Develop and review certification and accreditation documents
- Develop and review RMF artifacts (e.g., System Security Plan (SSP); Ports, Protocols and Services (PPS); and Accreditation Boundary diagrams)
Requirements:
- Current Secret security clearance is required and therefore all candidates must be a U.S. Citizen
- B.A./B.S. in Cyber Security, Information Security Engineering, mathematics, or a related field (Educational requirements may be adjusted for applicable work experience.)
- Current DoD 8570 IAT II certification
- Must have recent RMF and ATO experience
- Must have extensive experience in Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks
- Minimum of 4-8 years' experience in designing and implementing systems that meet agency Cyber Security policy and regulations. (Work experience may be adjusted for highly specialized knowledge or uniquely applicable experience.)
- Knowledge of Risk Management processes and methodologies
- Experience developing RMF documentation and artifacts (e.g., PPS, design diagrams, SOPs, POA&Ms, etc.)
- Experience in network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
- Good verbal and written communication skills
- Current DoD 8570.01 IAT III certification
- Experience with AWS and cloud architecture design
- Experience with security tools and devices, including network firewalls, web proxy, intrusion prevention systems, vulnerability scanners, or penetration tools, or object-oriented programming languages, including Java or Python