Product Cybersecurity Lead

SciTec has an immediate opportunity for a talented Product Cybersecurity Lead in our Boulder, CO office supporting the development of next-generation missile warning systems. The Product Cybersecurity Lead will lead a team responsible for ensuring the security of an advanced data processing system and demonstrating the security of this system through customer accreditation processes.

SciTec, Inc. is a dynamic small business with the mission to deliver advanced sensor processing technologies and scientific instrumentation capabilities in support of national security and defense applications. We support customers throughout the Department of Defense and U.S. Government in building innovative new tools to deliver unique, world-class data exploitation capabilities. SciTec seeks a candidate who will thrive in an environment where they can solve challenging engineering problems in support of critical national security objectives.

The role of Product Cybersecurity Lead includes the following responsibilities:

• Evaluating customer cybersecurity requirements and identifying technical and procedural measures to address those requirements.
• Leading a team of employees and contractors to implement, document, and validate cybersecurity controls.
• Providing input to software product design to improve product hardening
• Analysis of emerging advanced cybersecurity threats and the development of countermeasures to ensure product robustness against sophisticated adversaries.
• Management and enhancement of a secure software development lifecycle process to deliver high-assurance software.
• Coordination and communication between program management, software development teams, and customer representatives to integrate cybersecurity with the overall program development effort.
• Identification and implementation of opportunities for improvements to the software development lifecycle and to supporting DevSecOps technologies.

Requirements

The following minimum qualifications are required for all applicants:

• Ten years of experience in any combination of cybersecurity, software development, computer science, or engineering. At least five of these years must specifically be in the cybersecurity.
• Candidate must have an active SECRET DoD or DoE security clearance.
• Candidate must have an active CompTIA Security+ CE certification, or an alternate qualifying certification satisfying DoD 8570.01M Information Assurance Level II training requirements. Certifications for higher levels of DoD 8570.01M training are acceptable substitutes.

Beyond these minimum qualifications, SciTec is actively seeking and will prefer candidates who have any combination the following skills and qualifications:

• This is a leadership role with direct customer interaction. Candidates should demonstrate excellent written and verbal communications skills.
• Candidates will be strongly preferred who familiarity with continuous ATO processes.
• Candidates will be strongly preferred who have an active TOP SECRET//SCI clearance.
• Candidates will be strongly preferred who have a CISSP or CISSP Associate certification, or an alternate qualifying certification satisfying DoD 8570.01M Information Assurance Technician Level III or Information Assurance Manager Level II requirements.
• Candidates will be preferred who have experience with the preparation of RMF accreditation packages, including familiarity with eMASS. Specific familiarity with NIST 800-53 and CNSS 1253 is a plus.
• Candidates will be preferred who can demonstrate prior experience in using threat modeling to develop a prioritized set of security controls to defend an information system. Familiarity with the MITRE ATT&CK framework is a plus.
• Candidates will be preferred who have experience in managing a high-assurance software development lifecycle and using DevSecOps tools and techniques to support software engineering. Familiarity with common application exploitation mechanisms and corresponding defenses is a plus.
• Candidates will be preferred who have bachelors or graduate degrees in cybersecurity, computer science, computer engineering, or related fields.
• Candidates will be preferred who have domain experience in remote sensing applications
• Candidates will be preferred who have experience with Agile software development methods
• Candidates will be preferred who have experience with project management, particularly familiarity with EVM processes.

Benefits

As a small business, SciTec, Inc. offers room for growth and a flexible, fast-paced work environment. We work daily to develop one-of-a-kind solutions for challenging national problems. SciTec encourages collaboration across our offices in Boulder, El Segundo, Dayton, Huntsville, Virginia, and our headquarters in Princeton and provides access to opportunities across the corporate spectrum. Initiative is expected and encouraged, all employees have the opportunity and flexibility to broaden their technical horizons, and our daily work makes an impact on the world around us. SciTec offers a highly competitive salary and benefits package including health insurance, parental leave, vision, life, and disability insurance, 401(k) plan with employer contribution, holidays and paid time off plans (including vacation and sick time), an annual profit-sharing plan, and an annual performance bonus plan. The salary range for this position is $160,000 to $206,000. This is not a guarantee of compensation. SciTec is committed to hiring and retaining a diverse workforce and is proud to be an Equal Opportunity/Affirmative Action employer.