Cyber Security Engineer

The Cyber Security engineer will support an established DevSecOps (DSO) team to establish and maintain the first-of-its-kind accreditation of Army programs. The Cyber Security engineer will face unique challenges and contribute ideas that bridge mission support and information assurance that fosters a collaborative environment for immediate mission impact. Further, the Cyber Security Engineer will require foundational knowledge of software integration and engineering disciplines.

• Bachelors degree in a technical discipline.

• Ability to travel as required.
• Standard office environment with occasional requirements to visit client sites, labs, or field environments.

• →Manage RMF Process & Documentation: Guide and support Army programs through the DoD's Risk Management Framework (RMF) process, including managing and maintaining essential documentation such as the System Security Plan (SSP). This includes securing and maintaining an Authority to Operate (ATO) throughout its entire lifecycle.
• →Implement Security Controls: Apply and enforce security controls by implementing Security Technical Implementation Guides (STIGs) on both Linux and Windows platforms to ensure system hardening and compliance.
• →Support Continuous Accreditation: Work as part of a DevSecOps (DSO) team to support the continuous accreditation of Army programs. This includes applying your understanding of Cybersecurity concepts, IAVMs, and Net-worthiness to foster a collaborative environment and ensure ongoing compliance.
• →Utilize eMASS & Cloud Environments: Manage the RMF package within the eMASS utility and support security efforts within cloud environments.
• →Collaborate with Engineering Teams: Bridge the gap between cybersecurity and engineering disciplines by collaborating with software engineers and understanding CI/CD pipelines to integrate security measures seamlessly into the development lifecycle.
• →Provide System Administration Support: Apply foundational knowledge of system administration principles to support and troubleshoot security-related issues in both Linux and Windows environments.

• →Experience managing and/or supporting an effort through the DoD’s Risk Management Framework (RMF).
• →Experience of managing a System Security Plan (SSP) and the associated Authority to Operator (ATO) throughout the entire lifecycle.
• →Experience managing and/or supporting required RMF documentation.
• →Experience or understanding of Cybersecurity concepts, Information Assurance Vulnerability Management (IAVM), Airworthiness, Safety, and Net-worthiness.
• →Experience or understanding of applying the RMF package into the eMASS utility.
• →Experience of applying STIG controls in Linux and Windows platforms.
• →Understanding of cloud environments and the tools, processes, and utilities deployed within.
• →Understanding the implementation and workflows of software engineering CI/CD pipelines.
• →Understanding of authentication and authorization architectures and tool-suites.
• →Understanding of basic system administration principles both in Linux and Windows environments.