Key skills
LeadershipProject ManagementRisk ManagementChange ManagementCommunicationNetwork SecurityWAF
About this role
BMA is an employee-owned small business that provides superior customer service, and they are seeking a Cybersecurity Engineer to support the DLA Cybersecurity Technology Support contract. The role involves providing specialized cybersecurity engineering support, analyzing security requirements, and assisting with the integration and operational support of enterprise cybersecurity technologies.
Responsibilities:
- Provide security engineering support for the planning, design, development, testing, demonstration, and integration of cybersecurity technologies supporting the DLA Cybersecurity Technology Group
- Analyze IA and cybersecurity requirements and apply systematic engineering approaches to resolve technical and operational issues
- Support integration of cybersecurity tools, applications, appliances, sensors, and platform-related hardware and software across the enterprise
- Evaluate system workflows, technical configurations, and operational processes to improve efficiency, reliability, and security
- Support the sustainment and operational engineering of F5 BIG-IP Application Security Manager and related WAF technologies protecting DLA websites and web applications
- Work with DLA website stakeholders to gather requirements and develop, configure, test, deploy, and maintain WAF policies
- Support patching, upgrades, preventive maintenance, bug fixes, firmware updates, and maintenance releases for WAF environments
- Assist in tuning and optimizing WAF functionality to improve security effectiveness and reduce operational risk
- Analyze existing and emerging DLA information systems and IT infrastructure to assess compliance with DoD and Federal IA policy
- Review system design documentation, proposed policies, and draft changes to identify areas of non-compliance and recommend remediation actions
- Support Security Test and Evaluation, IA assessments, and technical reviews to validate compliance with cybersecurity requirements
- Develop and document implementation standards, security engineering guides, and supporting procedures for cybersecurity tools and environments
- Support operational integration and sustainment of cybersecurity platforms used by DLA, including technologies related to WAF, GRC workflow, SIEM/ELM, IDS/IPS, vulnerability management, insider threat, UBA, and comply-to-connect capabilities
- Assist with troubleshooting, maintenance, configuration changes, and technical analysis of cybersecurity toolsets and associated infrastructure
- Support test environments and production deployments to ensure systems are stable, secure, and operationally effective
- Provide technical recommendations for product enhancements, lifecycle management, and implementation improvements
- Prepare implementation documentation, system test results, SOPs, technical reports, and engineering recommendations
- Support development of training materials, technical briefings, and user guidance for cybersecurity tools and engineering processes
- Document deficiencies, corrective actions, system changes, and engineering recommendations
- Support reporting
Requirements:
- Current DoD 8670.01/8140 IAT Level III certification that includes one or more of the following: ISACA CISM, ISC2 Certified Information Systems Security Professional (CISSP), GIAC/SANS GIAC Security Leadership Certification (GSLC), or EC-Council Certified Chief Information Security Officer (CCISO)
- DoD 8570/8140 CND-IS
- Computing Environment Certification: F5 Certified Technology Specialist – ASM
- 7+ years of relevant information technology experience supporting cybersecurity, information assurance, systems engineering, or related enterprise IT functions
- Demonstrated experience applying engineering and analytical methods to resolve information assurance and cybersecurity technology issues
- Experience supporting the planning, design, integration, testing, and sustainment of enterprise cybersecurity technologies
- Experience with F5 BIG-IP ASM in enterprise environments
- Experience supporting DoD or DLA cybersecurity operations
- Experience with enterprise security tool integration and sustainment
- Experience working in structured change management and maintenance environments
- Experience with WAF sustainment
- Experience with information assurance engineering
- Experience with cybersecurity technology integration
- Experience with system maintenance and testing
- Experience with implementation documentation and SOP development
- Experience with platform hardening, tuning, and lifecycle support
- Familiarity with information assurance compliance, technical security controls, and cybersecurity support within a DoD or federal environment
- Strong analytical, troubleshooting, documentation, and technical communication skills
- Experience supporting DoD or DLA program offices
- Experience supporting DoD or DLA environments
- Familiarity with DLA-specific cybersecurity governance frameworks
- Familiarity with enterprise cybersecurity risk analysis and mitigation evaluation
- Familiarity with network security architecture and vulnerability assessment
- Familiarity with technical documentation and cybersecurity reporting
- Current Project Management Professional (PMP) certification
- Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society (RIMS) Certified Risk Management Professional (RIMS-CRMP)