Under the direct supervision and mentorship of members of the Cyber Security Engineering Staff, the Senior IT System Engineer undertakes a variety of activities and assigned projects at varying levels of professional complexity requiring knowledge within an area of specialty and/or engineering degree. Will support contracted tasks focusing on the integration of cybersecurity requirements into the full system lifecycle of products. Will gain experience in developing Risk Management Framework (RMF) artifacts and system categorization. Will gain experience with security controls, security hardening of products, deriving and managing security requirements, risk management, technical planning, threat and vulnerability assessments, systems-level design, systems integration, verification, and validation including security testing and evaluation, and supportability and effectiveness analyses for the total systems. Will interact directly with multidiscipline professionals in the planning and implementation of assigned projects.
• Bachelor in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2.
• 3-5+ years of experience in cyber security.
• Experience with the Risk Management Framework (RMF), knowledge of system security architectures and engineering approaches to building system security solutions.
• Understanding of security vulnerabilities found via security tools (i.e., Nessus/Tenable, NMAP, Infrastructure devices, and others). Strong understanding of system and infrastructure security.
• Excellent written and oral communication skills.
• Proficient in Linux and Windows operating systems, Windows Active Directory, VMWare and VCenter (ESXI), and Windows workstations.
• Experience with Video Management Software (ie. Milestone digital video recorders).
• Working knowledge administering Microsoft SQL Servers.
• Any of the IA certifications identified in DoD 8570 Approved Baseline Certifications preferred.
• Able to travel domestically and internationally up to 20% to support projects.
• Able to acquire a United States Secret Security clearance.
• Being a part of a program cybersecurity risk mitigation effort using the Risk Management Framework (RMF).
• Evaluating new and existing systems and architects the software, firmware, and hardware requirements from a IT system engineering perspective.
• Participating in development efforts to ensure cybersecurity controls are integrated to meet platform security posture.
• Participating in the formal Security Test and Evaluation process required by each government acceptance and approval authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Performing product security reviews with the ability to communicate issues and risks in business terms and making recommendations that balance risk/reward tradeoffs.
• Recommending cybersecurity defense and countermeasures for avionics product designs.
• Researching, evaluating, and assessing emerging cyber security threats and technologies.
• Evaluating and testing new cybersecurity tools and capabilities such as but not limited to vulnerability management, Security Information and Event Management (SIEM), Network Management Systems (NMS), Incident Responses, Disaster Recovery, and Security Operations.
• Conducting research and preparing reports based on findings, to include recommendations or alternative proposals for action.
• Providing general guidance or training to lower-level staff. Assisting in cost/scope estimation. May lead small tasks.
• Providing solutions to a variety of technical problems of moderate scope and complexity as part of a project team.
• Providing technical solutions to a wide range of difficult problems. Solutions are creative, thorough, and practical.
• Installing and maintaining Hardware, Storage and Integration for Computer Systems.
• Designing the hardware, storage needs, integration requirements, etc. to meet the needs of the program. This may also include configuring components, and troubleshooting any issues during and after implementation.
• Designing, developing and implementing IT Infrastructure for engineering programs. Participating in overall IT planning, bringing a current knowledge and future vision of technology and systems to meet customer needs.
• Monitoring systems and making necessary adjustments and minor repairs to keep these systems operating smoothly. Performing scheduled maintenance on systems to avoid any down time due to system issues. Included in the IT System Engineer’s responsibilities are diagnosing production problems and providing technical, strategic and procedural support to their organizations.