NorthHill Technology Resources has a need for a Cyber Security Engineer to support a critical Federal Program in Mclean, VA. This is a direct-hire role with our client, a highly-respected Federal Integrator in the Intelligence Community. An active TS/SCI Clearance and CI Polygraph is required.
Cyber Security Engineer:
The Cyber Security Engineer provides support to the program Information Systems Security Engineer (ISSE), lending their expertise on security requirements governing design, implementation, and deployment of customer high performance compute, storage and network infrastructures. The Cyber Security Engineer will be involved in the implementation and execution of security controls, certification test plans, and other activities needed to achieve and maintain system Authority to Operate. The Cyber Security Engineer may also provide COMSEC support and systems integration on-site support, where on-site could be Northern VA area or at the data center location. Must have active TS/SCI and CI Poly.
Required Skills
5+ years of experience in system security certification and accreditation to include system hardening, and in-depth knowledge of security protocols and practices.
Understanding of the Risk Management Framework (RMF) and the NIST 800-53 policy documents, and other security accreditation-related documentation.
Ability to support the ISSE to identify project security requirements.
Prior work adhering to security document/artifacts, such as Security Requirements Traceability Matrixes (SRTMs), System Security Plans (SSPs), Disaster Recovery (DR), Security Technical Implementation Guides (STIGs), and/or other IA documentation.
Proficiency with security scanning tools such as ACAS, Nessus, HBSS, NetWitness, etc. and performing security testing on a customer’s network.
Experience in securing virtualized, Linux, and Kubernetes containerized environments, with familiarity in working with open-source code.
Experience conducting Continuous Monitoring (ConMon) activities for weekly, monthly, quarterly and annual controls.
Coordinating with system development teams to ensure network security standards are followed and implemented correctly. Assist engineers and development team with securing solutions to STIGs and other standards.
Ability to review and analyze new system hardware and software and provide recommendations concerning system security.
Maintain Government-provisioned Communications Security (COMSEC) as required.
CompTIA Security+ certification.
Desired Skills
Experience with Infrastructure as Code (IaC) automation tools (Ansible, Terraform, Jenkins).
Proficiency in scripting for Python, Bash, PowerShell, or JavaScript-based applications.
Education Requirements
Bachelor’s degree in computer science, networking, systems engineering or security related fields.
Work experience in relevant fields may be considered for equivalency.