Senior Cybersecurity Engineer (SME) with DevSecOps
Dulles, Virginia, United States
Node.Digital
Market leader in Digital Transformation & Automation using Artificial Intelligence and Machine LearningSenior Cybersecurity Engineer (SME) with DevSecOps
Location: Dulles, VA
Must have an active Secret Security Clearance
Node is supporting a U.S. Government customer on a large mission-critical development and sustainment program to design, build, deliver, and operate a network operations environment, including introducing new cyber capabilities to address emerging threats.
Node is seeking a Senior Cybersecurity Engineer (CSE) Subject Matter Expert (SME) with DevSecOps experience to support the identification, implementation, and documentation as well as support the deployment of advanced cybersecurity capabilities.
The Senior CSE SME role is to effectively support Authorization and Accreditation (A&A) efforts through cyber risk assessment, policy analysis, National Institute of Standards and Technology (NIST) security control validation, and DHS 4300A system requirements. Provide expertise through recommendations associated with cybersecurity security test and evaluation, system vulnerability and compliance in support of Authorization and Accreditation (A&A) as well as continuous monitoring throughout the System Development Life Cycle within our digital environment e.g. Azure, AWS.
Responsibilities Include:
• Identify security requirements for a system;
• Ensure security requirements are planned, implemented, and tested; Support vulnerability testing of all code before submitting to Security, Testing and Evaluation (ST&E)
• Responsible for reviewing and commenting on security risks and security issues related to any Change Requests, Infrastructure Change Requests, and Configuration Change Requests
• Responsible for reviewing Port Open Requests (PORs)
• Review and input into the CONOPS
• Work with the ISSOs to gather security controls and documents to include writing and management updates with subject matter experts
• Responsible for any technical insertions
• Responsible for reviewing and tracking POA&Ms
• Pre-ST&E testing when able/applicable
• Work with the ST&E team to ensure the testing target is accessible and ready (Checklist and regular meetings)
• Work with ISSO, ISSE, and Security Control Accessors (SCA) to verify security approach in support of an ATO/ATP decision
• Work with the vulnerability management team to access and test the target (app/system)
• Work with the team to ensure the compliance and vulnerability findings are remediated, (or mitigated
• Monitor IAVM notifications from multiple channels and ensure actions for relevant issues are planned and implemented
• Take action to ensure the security of the development environment
Requirements
Required Skills:
• U.S. Citizenship
• Active Secret (S) clearance. Must be able to obtain a TS/SCI clearance
• Must be able to obtain DHS Suitability
• 8+ years of directly relevant cybersecurity engineering experience
• 2+ years experience with Agile software development programs
• Experience in intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
• Experience with standard security principles, policies, and industry best practices
• Practical experience hardening IT systems in compliance with STE/STIG guidelines
• Experience and knowledge of networking (TCP/IP, topology, sockets, and security), operating systems (Windows/UNIX/Linux), and web technologies (Internet security)
Desired Skills:
• Understanding of security technologies and concepts, experience in the design and implementation of secure network solutions including DMZs and web portals
• Knowledge of Information Assurance and Information Operations technologies and development activities
• Understanding of the processes and guidelines for Authorizing & Accrediting (DCID, ICD, NIST 800-53, SANS 20) information systems based upon experience on a large-scale development program
• Possesses or quickly develop a comprehensive understanding of Government Information Security policies, regulations, and guidelines
Required Education:
• Bachelor’s degree in Cyber Security, Information Security, Software Engineering, or a related discipline is required. [Ten (10) years of experience (for a total of eighteen (18) or more years) may be substituted for a degree
Desired Certifications:
• Certified Information Systems Security Professional (CISSP) certification is required.
• DoD 8570 IAM Level II certification required.
• Certified Ethical Hacker (CEH) certification desired.
Company Overview:
Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact.
Our Core Values help us in our mission. They include:
OUR CORE VALUES
Identifying the~RIGHT PEOPLE~and developing them to their full capabilities
Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner
We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence
Our mantra is “~Simple*Secure*Speed~” in the delivery of innovative services and solutions
Benefits
We are proud to offer competitive compensation and benefits packages to include
- Medical
- Dental
- Vision
- Basic Life
- Long-Term Disability
- Health Saving Account
- 401K
- Three weeks of PTO
- 10 Paid Holidays
- Pre-Approved Online Training
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Automation AWS Azure CEH CISSP Clearance Compliance ConOps DevSecOps DoD DoDD 8570 IAM IDS Intrusion detection IPS ISSE Linux Log analysis Malware Monitoring NIST NIST 800-53 Risk assessment SANS Security Clearance TCP/IP TS/SCI UNIX Vulnerability management Windows
Perks/benefits: Competitive pay Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs