Location
Herndon, VA | United States
Job description
Job Description
Cybersecurity Engineer – Xacta - 360
Work Authorization:US Citizenship
Location:Herndon, VA
Onsite: 100%
Clearance:Active TS/SCI Full-Scope-Polygraph
Req. Years of Experience:3+ (Tiers 1 - 4)
Type: Full Time
Salary Range:Open to discussion
Benefits:The standard compensation package consists of a competitive salary, 100% company-paid health/dental/vision care benefits, 100% company-paid LTD/STD/Life Insurance benefits, a 401(k) with company match, and a generous holiday/vacation/sick leave policy.
Summary:
Cyrten is seeking a Cybersecurity Engineer to support a customer in Herndon, VA. This position requires an active TS/SCI full-scope polygraph clearance.
The position involves managing security assessment, compliance, change management, and continuous monitoring activities across five cloud service providers. The work requires expertise in standards like ICD 503, NIST Risk Management Framework, and cloud technologies. This position is part of an 8-person team. The team will also facilitate technical exchange meetings with cloud service providers and advise Customer leadership on cloud security services.
Click to Apply: Apply to Cybersecurity Engineer (24-238) at Cyrten (recruiterflow.com)
No 3rd Party Candidates
No 3rd Party Vendors
Job Requirementsback to top
Scope of Work
- Manage security assessment, compliance, change management, and continuous monitoring activities across five cloud service providers.
- Assess cloud security technologies for security gaps and weaknesses according to industry standards.
- Analyze security scan findings and perform risk analysis on security scan findings.
- Review the cloud security body of evidence packages for completeness and accuracy.
- Collaborate with internal components and security peers to determine security weaknesses of cloud infrastructure and services.
- Advise Customer leadership on cloud security services.
- Analyze system alerts to determine security weaknesses and document risk mitigation procedures.
- Sustain and evolve the Customer’s standard operating procedures to meet Program Objectives.
- Facilitate technical exchange meetings with cloud service providers.
- Review cloud service architectures.
- Utilize or review cross-domain technology and common architecture designs.
- Consult project teams on system architecture and security posture.
- Utilize compliance tools to track assessment and authorization activities.
- Work with the NIST Risk Management Framework and security control assessments.
- Travel as needed for local and temporary duty within the Continental United States.
Mandatory Experience
- Demonstrated experience facilitating Technical Exchange Meetings (TEM) with cloud service providers to review cloud service architectures.
- Demonstrated experience maintaining assessment and authorization packages across multiple services or systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253 requirements.
- Demonstrated experience designing, implementing, assessing, or reviewing systems that utilize cloud technology with either Amazon Web Services, Oracle Cloud, Google Cloud, IBM Cloud, or Microsoft Azure cloud architecture.
- Demonstrated experience utilizing or reviewing cross-domain technology and common architecture designs.
- Demonstrated experience consulting project teams on system architecture and security posture.
- Demonstrated experience with continuous monitoring requirements to include scan analysis for critical or high findings with common scan tools such as Rapid 7, Nessus, or Qualys.
- Demonstrated experience creating, monitoring, or closing system or service plan actions and Milestone items (POA&Ms).
- Demonstrated experience utilizing compliance tools to track assessment and authorization activities, such as Xacta 360, Service Now, or RSA Archer.
- Demonstrated experience with the common control provider concept within the NIST Risk Management framework.
- Demonstrated experience with security control assessments (SCAs), including working with SCAs and preparing security packages for SCAs.
Optional Desired Experience
- Demonstrated experience using the Customers or similar element assessment and authorizing process.
- Demonstrated experience creating or reviewing A&A evidence documentation in a cloud security environment.
- Demonstrated experience identifying, implementing, or reviewing appropriate information security controls.
- Demonstrated experience working in Xacta 360.
Click here to Apply: Apply to Cybersecurity Engineer (24-238) at Cyrten (recruiterflow.com)
Job Detailsback to top
Location Herndon, VA, 20171, United States
Categories Cyber Security, Information Technology
Sec Clearances Top Secret/SCI with Full-scope Polygraph
Location Mapback to top
Contact Informationback to top
Contact Name Kevin Donaghy
How to apply A resume is required to apply to this job. Applications are sent to employer via email. Click on the link below and follow instructions.
Apply
Primary Phone 6108045873
Job Code 24-338
Cybersecurity Engineer
Job tags
Salary