Job Number: R0069424
Cybersecurity Engineer, Mid
Everyone knows security needs to be “baked in” to a system architecture, but you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you could use your Cyber engineering skills to design and build secure systems for a DoD client? We're looking for an engineer who can create solutions that will stand up to even the most advanced Cyber threats.
As a Cybersecurity engineer on our project, you'll maintain a secure communications network to support mission critical operations. You'll coordinate work with Booz Allen colleagues, industry partners, and the DoD client to identify the right mix of tools and techniques to translate your client's IT needs and future goals into a plan that will enable secure and effective solutions. We need to come up with the best solution, so you'll investigate new techniques, break free from the legacy model, and go where the industry is going. You'll lead the team through a critical approach to network design, providing alternatives and customizing solutions to maintain a balance of security and mission needs. This is a chance to make a difference in the security of warfighter communications. Your technical expertise will be vital as you help customers overcome their most difficult challenges by integrating secure practices to support to Assessment and Authorization (A&A) efforts under the DoD Risk Management Framework (RMF), including Authorization to Operate (ATO) package generation, artifact evaluation, and control validation. You will maintain responsibility for requirements generation for all new acquisitions and major system modifications, defining security aspects of system architectures, determining Security Test and Evaluation (ST&E) requirements and methodologies, and conducting analytical risk management activities related to the development, operation, and maintenance of DoD information systems. You will perform security assessment and compliance activities by using assessment tools and procedures and security technical implementation guides (STIGs). Prepare client systems for assessment by running security test procedures (STPs), the security content automation protocol (SCAP) compliance checker (SCC), and assured compliance assessment solution (ACAS) scans. Support the research of emerging technology, requisite security requirements, and emerging threats and develop a way forward to meet organizational goals. Apply expertise in technology, analyze the security implications of systems and applications security, and provide recommendations to decision makers and engineers. Provide Cybersecurity and consulting throughout the security assessment and compliance life cycle process. Join our team as we improve warfighter communications through Cybersecurity.
-5+ years of experience with application of Cybersecurity standards and industry best practices
-Experience with DoD SCAP or commercial tool sets, including Nessus, Retina, or Nipper Studio
-Experience with evaluating security vulnerabilities and formulating mitigation strategies for networked and non-networked systems
-Experience with the Enterprise Mission Assurance Support Service (eMASS) or XACTA
-Experience with a DoD A&A program, including developing or analyzing security test and evaluation reports
-Experience with evaluating Cybersecurity compliance of a system against current RMF and DoD Cybersecurity policies
-Ability to collaborate with multiple stakeholders
-Active Secret clearance
-BA or BS degree and 3+ years of experience with Cyber or MA or MS degree
-DoD 8570.01-m IAT Level III, IAM Level II, or IASAE Level I Certification, including CAP, CASP CE, CCNP Security, CISA, CISSP, GCED, or GSLC
Nice If You Have:
-Experience with the design and deployment of Defensive Cybersecurity Operation (DCO) methodologies or tool sets
-Experience with the design and development of Enterprise Information and Cybersecurity services
-Experience with the design and development of virtualized architectures
-Knowledge of DoD communication systems
-DoD 8570.01-m CSSP Certification, including C|EH, CSA+, CISA, CISM, GCIA, SSCP or
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
Apply on company website