Description of Position:
We inspire excellence. Across air, land, sea, space and cyber domains, our customers perform on the world’s most challenging front lines – and we are proud to employ innovators and problem solvers dedicated to delivering mission critical solutions our customers depend on. Our commitment to speed, innovation and flawless execution are matched only by our dedication to providing every employee with an inclusive environment with rewarding career opportunities.
As a global technology innovator, we employ over 50,000 employees around the world, nearly 20,000 of whom are engineers. From multi-domain communications, commercial aviation systems and intelligence, surveillance and reconnaissance systems to electronic warfare, space systems and maritime solutions – our technologies are helping change the way our customers meet their goals.
Tasks and Responsibilities:
Required Skills, Abilities, and Certifications:
- Provide Information Security System Engineering support and technical execution of information security activities associated with the authorization of NIST Risk Management Framework (RMF) hardened information systems.
- Support Security Engineering activities, including design, testing, configuration, management and maintenance of information systems.
- Assist Program Security Architect in the development of, and CONOPS for, emerging security technologies and proposals.
- Support compliance certification and vulnerability assessments as required.
- Support the evaluation, qualification, testing and delivery of security architecture improvement, obsolescence replacement and vulnerability response projects.
- Support information assurance data collection and continuous monitoring updates for assigned security architectures.
- Principles of data flows (e.g., TCP/IP, OSI model).
- Seniority Level – Mid-Senior.
- Bachelor’s Degree and minimum 6 years of prior relevant experience. OR Graduate Degree and a minimum of 4 years of prior related experience.
- Experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, and Security Assessment Plans and Procedures (SAPP).
- Experience in securing operating systems (Windows, Linux, Cisco IOS, etc.).
- DoD 8570.01-M IAT Level 2 certification (e.g. CySA+, GICSP, GSEC, Security+CE, SSCP, or CCNA Security).
- Active Top Secret Security Clearance Required.
Preferred Additional Skills:
- Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC
- Experience in the content development and administration of SEIM/audit reduction tools (e.g., Splunk).
- DoD 8570.01-M IASAE Level 2 certification (e.g. CASP+ CE or CISSP (or Associate)).
- Strong understanding of engineering processes, concepts and information security systems engineering principles (NIST SP 800-160 Vol1).
- System testing and evaluation methods and RMF assessment methodology & process.
- Experience with application of STIGs.
- Telecommunications network engineering experience.
- Experience in Cyber Defense technologies.
- Understanding of system vulnerabilities and exploitation.
- Self-motivation, able to work well independently and within inter-disciplinary engineering teams.
- Strong written and oral communication skills.