Cybersecurity Engineer

Location

Herndon, VA | United States

Job description

Job Description

Cybersecurity Engineer – Xacta - 360

Work Authorization:US Citizenship

Location:Herndon, VA

Onsite: 100%

Clearance:Active TS/SCI Full-Scope-Polygraph

Req. Years of Experience:3+ (Tiers 1 - 4)

Type: Full Time

Salary Range:Open to discussion

Benefits:The standard compensation package consists of a competitive salary, 100% company-paid health/dental/vision care benefits, 100% company-paid LTD/STD/Life Insurance benefits, a 401(k) with company match, and a generous holiday/vacation/sick leave policy.

Summary:

Cyrten is seeking a Cybersecurity Engineer to support a customer in Herndon, VA. This position requires an active TS/SCI full-scope polygraph clearance.

The position involves managing security assessment, compliance, change management, and continuous monitoring activities across five cloud service providers. The work requires expertise in standards like ICD 503, NIST Risk Management Framework, and cloud technologies. This position is part of an 8-person team. The team will also facilitate technical exchange meetings with cloud service providers and advise Customer leadership on cloud security services.

Click to Apply:  Apply to Cybersecurity Engineer (24-238) at Cyrten (recruiterflow.com)

No 3rd Party Candidates

No 3rd Party Vendors

Job Requirementsback to top

Scope of Work

1. Manage security assessment, compliance, change management, and continuous monitoring activities across five cloud service providers.
2. Assess cloud security technologies for security gaps and weaknesses according to industry standards.
3. Analyze security scan findings and perform risk analysis on security scan findings.
4. Review the cloud security body of evidence packages for completeness and accuracy.
5. Collaborate with internal components and security peers to determine security weaknesses of cloud infrastructure and services.
6. Advise Customer leadership on cloud security services.
7. Analyze system alerts to determine security weaknesses and document risk mitigation procedures.
8. Sustain and evolve the Customer’s standard operating procedures to meet Program Objectives.
9. Facilitate technical exchange meetings with cloud service providers.
10. Review cloud service architectures.
11. Utilize or review cross-domain technology and common architecture designs.
12. Consult project teams on system architecture and security posture.
13. Utilize compliance tools to track assessment and authorization activities.
14. Work with the NIST Risk Management Framework and security control assessments.
15. Travel as needed for local and temporary duty within the Continental United States.

Mandatory Experience

1. Demonstrated experience facilitating Technical Exchange Meetings (TEM) with cloud service providers to review cloud service architectures.
2. Demonstrated experience maintaining assessment and authorization packages across multiple services or systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253 requirements.
3. Demonstrated experience designing, implementing, assessing, or reviewing systems that utilize cloud technology with either Amazon Web Services, Oracle Cloud, Google Cloud, IBM Cloud, or Microsoft Azure cloud architecture.
4. Demonstrated experience utilizing or reviewing cross-domain technology and common architecture designs.
5. Demonstrated experience consulting project teams on system architecture and security posture.
6. Demonstrated experience with continuous monitoring requirements to include scan analysis for critical or high findings with common scan tools such as Rapid 7, Nessus, or Qualys.
7. Demonstrated experience creating, monitoring, or closing system or service plan actions and Milestone items (POA&Ms).
8. Demonstrated experience utilizing compliance tools to track assessment and authorization activities, such as Xacta 360, Service Now, or RSA Archer.
9. Demonstrated experience with the common control provider concept within the NIST Risk Management framework.
10. Demonstrated experience with security control assessments (SCAs), including working with SCAs and preparing security packages for SCAs.

Optional Desired Experience

1. Demonstrated experience using the Customers or similar element assessment and authorizing process.
2. Demonstrated experience creating or reviewing A&A evidence documentation in a cloud security environment.
3. Demonstrated experience identifying, implementing, or reviewing appropriate information security controls.
4. Demonstrated experience working in Xacta 360.

Click here to Apply:  Apply to Cybersecurity Engineer (24-238) at Cyrten (recruiterflow.com)

Job Detailsback to top

Location Herndon, VA, 20171, United States

Categories Cyber Security, Information Technology

Sec Clearances Top Secret/SCI with Full-scope Polygraph

Location Mapback to top

Contact Informationback to top

Contact Name Kevin Donaghy

How to apply A resume is required to apply to this job. Applications are sent to employer via email. Click on the link below and follow instructions.

Apply

Primary Phone 6108045873

Job Code 24-338

Cybersecurity Engineer

Job tags

Salary