NetSEA Technologies is currently seeking Cyber Security Engineer
Roles/Responsibilities:
As a Cybersecurity Engineer, you will use your expertise to:
• Gather and analyze a system’s cybersecurity posture with DoD and Industry cybersecurity tools such as Tenable Assure Compliance Assessment Solution (ACAS) Nessus scanner, DoD Security Technical Implementation Guidelines (STIGs), Security Content Automation Protocol (SCAP) Compliance Checker (SCC), Evaluate-STIG, varied Firewall and IDS/IPS technologies, Endpoint Security products, Security Incident and Event Management, and PKI.
• Demonstrate application of FIPS 140-2 compliance and NIST framework principles, and how these requirements translate to cyber security solutions, processes, configuration implementation, and application requirements.
• Gather, analyze, manage, and communicate a system’s software security requirements in line with DoD standards and project timelines to include identifying and communicating applicable system patches and STIG configuration updates.
• Work with developers and engineers during development and testing of system baselines to ensure patches and STIG configurations are implemented or otherwise accounted for to the Information System Security Officer (ISSO) by the appropriate mitigation statements for risk acceptance.
• Identify and communicate cybersecurity-related impacts of development and purchase decisions to include impacts to the system’s Authorization to Operate (ATO), follow-on actions required to garner approvals for the change from the Authorizing Official (AO), documentation required to meet compliance, and applicable security configurations or maintenance expectations.
• Understand DoD Risk Management Framework (RMF) to report continuous monitoring activities of a system’s accreditation though the Enterprise Mission Assurance Support Service (eMASS) portal.
• Consolidate and deliver Engineering reports and other cybersecurity materials required by Configuration Management and Product Manager Cybersecurity personnel.
• Translate security policies and requirements into Cybersecurity engineering implementation and communicate the requirements to Configuration Management and the Development team for integration with the system’s security posture.
• Experienced with the network and host vulnerability scanning process and understand processes related to residual risk identification.
• Coordinate with Engineering and other Cybersecurity personnel to implement and enforce security policies and patch management processes.
• Participate in Early Entry Review Board’s to provide Cybersecurity input.
• Act as a liaison between the project team and ISSOs for vulnerability management reporting, Army Cyber (ARCYBER) Cyber Tasking Order (CTO) compliance reporting, and RMF related activities and deliverables.
• Demonstrate knowledge of scripting languages (Python, Java, Powershell, etc).
• Prepare incident handling processes and analyze data from scans.
• Demonstrate good written and oral communications skills and the ability to produce documentation, briefing materials, and network diagrams in Power Point, Word, Excel and Visio.
Clearance Level: US Citizen and with active Secret clearance (preferred)
Location: Aberdeen Proving Ground, MD
Hours: Normal business hours Monday – Friday
Travel: Up to 50%
Required Skills:
• BA or BS degree or equivalent in Computer Science, Information Systems, Engineering, Cyber Security or related technical experience is required.
• Minimum 8 years’ experience with DoD network engineering/management
• Minimum 4 years specified work in Cyber Security
• DoD 8570 certifications for IAT Level III or IAM Level II
Nice to Have
• Experience with: Ansible, Elastic (ELK) stack, Cisco ASA, Palo Alto Firewall/IPS/Panorama, Kafka, virtual machines, and containers