Lead Cybersecurity Engineer

Описание вакансии

Dark Wolfis seeking a LeadCybersecurity Engineer to unify various cyber capabilities, systems, infrastructure, and data analytics to enable comprehensive cyber processing, analysis, exploitation, and dissemination in support of a wide range of cyber operations. The successful candidate willdesign, implement, and manage security measures to protect information systems from unauthorized breaches and cyber threats. They will ensure the confidentiality, integrity, and availability of sensitive data systems and architectures. This position is set to be supported in Chantilly, VA. Key responsibilities include, but are not limited to:

• Performing the hands-on hardening required for an ATO.
• Executing the Assessment & Authorization (A&A) process in accordance with government requirements.
• Conducting technical evaluation of information systems design, and information security aspects and accreditation.
• Performing vulnerability assessments using standardized tools and best practices (e.g., Nessus, DISA STIGs, CIS Benchmarks, AWS Well Architected Framework) and implementing configuration updates as required.
• Preparing comprehensive security assessment testing documentation to validate applied security controls in support of A&A testing.
• Assessing and mitigating system security threats, risks, and vulnerabilities throughout the program life cycle.
• Participating as a member of a security engineering team designing, developing, implementing, evaluating, and/or integrating security architectures, systems, or components.
• Assisting customer staff in resolving operational security issues involving vendors who support the program.
• Analyzing, modifying when necessary and maintaining the Program’s operational security posture.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline
• Active TS/SC Security Clearance (US Citizenship required)
• 12+ years of experience in IT Security, Information Assurance and/or Systems Security Engineering
• Experienced navigating and/or implementing security regulatory framework standards e.g. RMF, PCI/DSS,SOX and/or HIPAA
• Experience developing documentation; strong written and oral communication skills
• Comfortability and professionalism presenting to stakeholders
• Knowledge and experience in information systems security
• Knowledge of security system design tools, methods, and techniques
• Ability to harden containers for DoD use
• Experience applying STIGS
• Ability to develop best practices for processes and standards that will improve the system
• Working knowledge of IT security principles and methods
• Knowledge of network identity and access management (e.g.,RBAC/ABAC, Policy-based access)
• Knowledge of DoD/IC system security control requirements
• Knowledge of continuous monitoring practices
• Possesses strong technical skills and analytic ability

Desired Qualifications:

• Any certifications relevant to system and cyber security
• Experience using the XACTA application
• Experience with Common security tools such as Nessus, WASSP, SECSCN, and/or MBSA
• Experience with task management, metrics collection, and status reporting to management
• Proficient with Google Cloud Platform (GCP) technology
• Demonstrated knowledge/experience in the areas of resource allocation, workload management, and contract management
• Familiarity with the Joint Special Access Program (SAP) Implementation Guide (JSIG)
• Worked or familiar with the operations of a Special Access Program Facility (SAPF)
• Experience developing and/or leading ATO package development

The salary range for this position is estimated to be between $150,000.00 - $180,000.00, commensurate on experience and technical skillset.

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

We are strictly looking for direct, full-time W2 employees. We do not engage with third-party staffing agencies, C2C, or 1099 independent contractors for this role.