Cyber Security Engineer
Woburn, Massachusetts, United States
STR has an exciting opportunity for a Cyber Security Engineer to function as a key contributor for the STR Enterprise Cybersecurity Compliance team. In this dynamic position you will interface and collaborate with other Cybersecurity/Information Assurance (IA) professionals, on NIST and CMMC compliance.
- Maintain corporate Splunk Enterprise Cloud Deployment to ensure Cyber Security Analyst and SOC services are alerted to incidents on the network.
- Perform Splunk engineering activities and be proficient in editing and maintaining Splunk configuration files and apps.
- Review/manage various IA Vulnerability Alerts (IAVA) (i.e., US-CERT, etc.) and overall remediation.
- Conduct both vulnerability and compliance scans of enterprise information systems.
- Support the development of RMF/CMMC documentation and control validation testing for Authority to Operate (ATO) accreditations.
- Support the development of cybersecurity requirements, design, and architecture.
- Implement Information Assurance and Information Security protections and requirements in program development and execution environments.
- Implement required security controls of networking devices, databases, operating systems, and hardware and software components.
- Collaborate with program and engineering disciplines and ensuring cybersecurity solution alternatives.
- Assist Cybersecurity Manager in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities.
- Conduct reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
- 5+ years of progressive technical (hands-on) experience related to Information Assurance/Cyber Engineering requirements, development, and implementation.
- Experience with SP800-171, NIST SP 800-171A and NIST SP800-53 control implementation and assessment.
- Experience with Cybersecurity Maturity Model Certification (CMMC).
- Experience with recognizing and onboarding new data sources into Splunk Enterprise
- Experience with managing and implementing DISA (STIGs) and CIS Benchmarks.
- Experience with various IA vulnerability/compliance scanning tools (e.g., NMap, ACAS, Nessus, Security Content Automation Protocol (SCAP).
- Strong technical background with a variety of information security systems and tools including vulnerability management, anti-virus/malware, data loss prevention
- Ability to organize and prioritize numerous customer requests in a fast paced, deadline driven environment.
- Familiarity with PowerShell scripting.
- DoD 8570 IAM Level III certification (CISA, CISM, CISSP, etc.) or the ability to obtain within 6 months upon being hired.
- Currently holds an active Secret clearance and ability/willingness to be submitted and obtain a DoD Top Secret clearance.
All STR employees may be subject to COVID-19 vaccination requirement in response to Executive Order 14042 and accompanying Task Force Guidance, unless a medical or religious accommodation is formally approved by STR.
STR is a rapidly growing technology company with locations north of Boston, MA, Arlington, VA and near Dayton, OH. We specialize in advanced research and development for defense, intelligence, and national security, trying to understand how to protect our society: from stopping malicious botnet attacks, to understanding cyber vulnerabilities, providing next generation sensors, radar, sonar, communications, and electronic warfare to developing artificial intelligence algorithms and analytics to make sense of the complexity that is exploding around us.
STR is committed to creating a collaborative learning environment that supports deep technical understanding and recognizes the contributions and achievements of all team members. Our work is challenging, but you go home at night knowing that you pushed the forefront of technology and made the world a little safer. We recognize that the world is changing, that it is becoming more connected than ever before, making things change faster than before, and reshaping society in the process. We all want to understand this changing world and leave it better for our work.
STR is not just any company. Our people, culture, and attitude along with their unique set of skills, experiences, and perspectives put us on a trajectory to change the world. We can't do it alone, though - we need fellow trailblazers. If you are one, join our team and help to keep our society safe! Visit us at www.str.us for more info.
STR is an equal opportunity employer. We are fully dedicated to hiring the most qualified candidate regardless of race, color, religion, sex (including gender identity, sexual orientation and pregnancy), marital status, national origin, age, veteran status, disability, genetic information or any other characteristic protected by federal, state or local laws.
If you need a reasonable accommodation for any portion of the employment process, email us at email@example.com and provide your contact info.
Pursuant to applicable federal law and regulations, positions at STR require employees to obtain national security clearances and satisfy the requirements for compliance with export control and other applicable laws
Other jobs like this
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Lead Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Sr. Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Officer 3 jobs
- Open Offensive Security Engineer jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Information Security Officer jobs
- Open Azure Security Engineer jobs
- Open Vulnerability Analyst jobs
- Open Head of Information Security jobs
- Open Senior Information Security Analyst jobs
- Open DevOps-related jobs
- Open Audits-related jobs
- Open Analytics-related jobs
- Open Application security-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Ruby-related jobs
- Open Splunk-related jobs
- Open Encryption-related jobs
- Open CEH-related jobs
- Open Open Source-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Threat detection-related jobs
- Open OSCP-related jobs
- Open Machine Learning-related jobs
- Open Intrusion detection-related jobs
- Open Docker-related jobs