We are hiring a Cyber Security Engineer, supporting our program at US STRATCOM onsite in Bellevue, Nebraska.
What you'll do:
Information Technology Capabilities Contract (ITCC II) Cyber Security Engineering (CSE) team members are responsible for providing direct cybersecurity support for ITCC II engineering efforts and assigned projects to meet the needs of customers and project stakeholders through cyber security analysis of system vulnerabilities and artifacts across multiple technologies and networks. CSE team members also contributes to the development of technical solutions to help in identifying cybersecurity requirements.
The CSE team ensures the implementation and documentation of the Risk Management Framework (RMF) Assessment and Authorization (A&A) activities by ensuring cybersecurity policy adherence, directly supporting project technicians and engineers, participating in project meetings and activities, and delivering cradle-to-grave assistance to project teams. Daily tasks include, but are not limited to:
• Use Tenable Nessus Assured Compliance Assessment Solution (ACAS) to perform vulnerability correlation for findings discovered in scans to support RMF A&A and Vulnerability Management requirements
• Maintain working knowledge of applicable Security Technical Implementation Guides (STIGs), cyber defense policies, regulations, and compliance documents related to cyber defense auditing
• Review project requirements to identify potential security vulnerabilities during all phases of development in accordance with DoD, NIST, USCYBERCOM and USSTRATCOM security policies and guidance
• Assist engineers with developing required security documentation such as Interim Authority to Test (IATTs), System Security Plan (SSP) Change Requests (SCR), Plans of Action and Milestones (POA&Ms)
• Assist engineers with research on STIG findings, hardening requirements, and potential mitigations
• Support project managers in the communication and tracking of cybersecurity requirements, along with potential cybersecurity roadblocks in an effort to assist the project meet contractual milestones
• Comprehensively review IATTs, SCRs, STIG findings, vendor hardening guides, POA&Ms and various memos for completeness and any possible security concerns
• Communicate technical and security-related information effectively, in both oral and written form, to administrators, engineers, program managers, government personnel, and senior leaders
• Create, route, and monitor workflow packages to ensure A&A documentation meets requirements
• Work directly with system/enclave Information System Security Managers (ISSMs), System Owners, Security Control Assessors (SCAs) and other security teams on security related issues regarding assigned projects
• Provide security oversight and guidance to engineering teams to ensure systems are properly configured, tested and comply with cyber security best practices
• Research to understand new products and Information Assurance practices
• Leverage working knowledge of the current environment to educate and train, as necessary
• Utilize and navigate Microsoft products such as Word, Excel, Teams, and SharePoint in carrying out daily tasks
2 years with a BS/BA, 0 with MS/MA, or 6 years of applicable experience in lieu of degree.
What you'll need:
• DoD 8570, IAT Level II Certification (Security+)
• Active TS/SCI Clearance
Desired Education Requirements:
• Bachelor's degree or higher with 4+ years of relevant experience and a technical emphasis in Information Assurance/Cyber Security, Information Technology, or Computer Science
Desired Certifications:
• Maintaining or actively pursuing additional DoD 8570 IAT or IAM-focused certification (CGRC, CYSA+, CCNP Security, CEH, CISM, CISSP, GIAC, etc.) or higher-education Degree with focus on Information/Cybersecurity
Desired Experience:
• Tenable Nessus - Assured Compliance Assessment Solution (ACAS)
• Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), Plans of Actions and Milestones (POA&Ms)
• Risk Management Framework (RMF)
• BMC Remedy / ServiceNow
• Any experience utilizing DoD approved cybersecurity monitoring solutions and tools, as well as experience in one or more of the following technologies:
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Software Powered by iCIMS
www.icims.com