Product Cybersecurity Engineer
Boulder, Colorado, United States
SciTec
The world brings problems; SciTec builds solutions. Our team is committed to delivering cutting-edge advancements for defense, security, and civil affairs.SciTec has an immediate opportunity for a talented Product Cybersecurity Engineer in our Boulder, CO office supporting the development of next-generation missile warning systems. The Product Cybersecurity Engineer will be responsible for ensuring the security of an advanced data processing system and demonstrating the security of this system through customer accreditation processes.
SciTec, Inc. is a dynamic small business with the mission to deliver advanced sensor processing technologies and scientific instrumentation capabilities in support of national security and defense applications. We support customers throughout the Department of Defense and U.S. Government in building innovative new tools to deliver unique, world-class data exploitation capabilities. SciTec seeks a candidate who will thrive in an environment where they can solve challenging engineering problems in support of critical national security objectives.
Responsibilities
- Evaluating customer cybersecurity requirements and identifying technical and procedural measures to address those requirements.
- Implement, document, and validate cybersecurity controls.
- Providing input to software product design to improve product hardening.
- Analysis of emerging advanced cybersecurity threats and the development of countermeasures to ensure product robustness against sophisticated adversaries.
- Management and enhancement of a secure software development lifecycle process to deliver high-assurance software.
- Identification and implementation of opportunities for improvements to the software development lifecycle and to supporting DevSecOps technologies.
- Other duties as assigned
Requirements
- A Bachelor's degree in the physical sciences, mathematics, engineering, or computer science
- 5 years of experience in any combination of cybersecurity, software development, computer science, or engineering. At least 2 of these years must specifically be in the cybersecurity.
- Candidate must have an active SECRET DoD or DoE security clearance.
- Demonstrated experience successfully influencing teams outside of cybersecurity to improve their security posture.
- Candidate must be capable of satisfying DoD 8570.01M Information Assurance Technician Level III training requirements within six months of hire.
Candidates who have any of the following skills will be preferred
- Candidates will be strongly preferred who have an active TOP SECRET//SCI clearance.
- Candidates will be strongly preferred who have a CISSP or CISSP Associate certification, or an alternate qualifying certification satisfying DoD 8570.01M Information Assurance Technician Level III.
- Candidates will be preferred who have experience with the preparation of RMF accreditation packages, including familiarity with eMASS. Specific familiarity with NIST 800-53 and CNSS 1253 is a plus.
- Candidates will be preferred who can demonstrate prior experience in using threat modeling to develop a prioritized set of security controls to defend an information system. Familiarity with the MITRE ATT&CK framework is a plus.
- Candidates will be preferred who have experience with evaluating results from Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tooling.
- Candidates will be preferred who have experience in managing a high-assurance software development lifecycle and using DevSecOps tools and techniques to support software engineering. Familiarity with common application exploitation mechanisms and corresponding defenses is a plus.
- Candidates will be preferred who have bachelors or graduate degrees in cybersecurity, computer science, computer engineering, or related fields.
- Candidates will be preferred who have domain experience in remote sensing application
Benefits
SciTec offers a highly competitive salary and benefits package, including:
- 3% Fully Vested Company 401K Contribution (no employee contribution required)
- 100% company paid HSA Medical insurance, with a choice of 2 buy-up options
- 80% company paid Dental insurance
- 100% company paid Vision insurance
- 100% company paid Life insurance
- 100% company paid Long-term Disability insurance
- Short-term Disability insurance
- Annual Profit-Sharing Plan
- Discretionary Performance Bonus
- Paid Parental Leave
- Generous Paid Time Off, including Holiday, Vacation, and Sick Pay
- Flexible work hours $114-$160k
The pay range for this position is $114,000 - $160,000 / year. SciTec considers several factors when extending an offer of employment, including but not limited to the role and associated responsibilities, a candidate's work experience, education/training, and key skills. This is not a guarantee of compensation.
SciTec is committed to hiring and retaining a diverse workforce and is proud to be an Equal Opportunity/Affirmative Action employer.
Tags: Application security CISSP Clearance CNSS Computer Science DAST DevSecOps DoD DoDD 8570 eMASS Mathematics MITRE ATT&CK NIST NIST 800-53 RMF SAST SDLC Security Clearance Top Secret
Perks/benefits: 401(k) matching Competitive pay Flex hours Flex vacation Health care Insurance Medical leave Parental leave Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs