Cybersecurity Project Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Nightwing · 5 months ago

Cybersecurity Project Engineer

positionSterling, VA
timeFull-time
remoteOnsite
seniorityMid Level

Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers’ most demanding challenges. The Cybersecurity Project Engineer will support the integration of security controls into the infrastructure environment, collaborate with teams to assess and mitigate risks, and conduct comprehensive security assessments.

Information Technology & Services
badNo H1BnoteSecurity Clearance Requirednote

Responsibilities

Supports The LSA To Identify, Design, And Deploy Security Controls And Subsystems To Support The On-premises Secure Multi­ Tenant Infrastructure Environment (CUSTOMER)
Collaborates With The Platform And Operations Teams To Integrate Security Controls Into The IaaS Environment
Discovers And Mitigates Cybersecurity Risks, Assesses The Security Controls Implemented Within And Inherited By The System
Understands And Applies Policies To Address Requests For Information On Cyber Best Practices
Conducts Risk Assessments For Specialized Devices
Provides Information System Security Expertise
Collaboratively Works Closely With Platform And Operations Teams, Sponsor, Information System Security Officers And Managers, As Well As The Authorizing Officials (AO) To Conduct Comprehensive CNSSI 1253 And NIST SP 800-53a Assessments Of The Management, Operational, And Technical Security Controls
Work with LSA, technical team to develop template/tools for automating the deployment of security controls in the CI/CD pipeline and the continuous automated/enhanced assessments or O&M of vulnerability scan tools
Facilitates meetings, analyzes authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with team stakeholders
Review and make recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans and security plans)
Identify and recommend mitigations for potential avenues of exploitation, including system level attacks and user level attacks
Advises and assists with the Lifecycle Assessment and Authorization (A&A) process and development of Systems Security Plan (SSP)
Develops and documents security evaluation test plans and procedures
Develops SCA artifacts, including the Security Assessment Plan (SAP), Security Assessment Reports (SAR), and Remediation Actions
Experience with developing Plans of Action and Milestones (POA&Ms), including providing risk mitigation strategies, steps, and milestones
Conducts hands on security testing, analyzes results, documents risks, and recommends countermeasures
Applies working knowledge of Industry Best Practices (e.g. SANS Top 20) National/International policies and standards and how they relate to the A&A process
Applies working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the A&A process
Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation

Qualification

Network security principlesSecurity toolsTechnologiesCloud securitySecurity frameworksScriptingAutomationIncident responseSecurity documentationAnalytical skillsProblem-solving skillsCommunication skillsInterpersonal skillsTeamwork

Required

Strong understanding of network security principles and technologies
Experience with security tools and technologies (e.g., firewalls, intrusion detection systems, anti-malware software)
Knowledge of operating systems and their security configurations
Familiarity with security protocols and standards (e.g., NIST Framework, ISO 27001)
Ability to identify and assess security vulnerabilities
Strong problem-solving and analytical skills
Excellent communication and interpersonal skills
Ability to work independently and as part of a team
Experience with scripting and automation
One or more of the following: CompTIA Security+, CISSP, CISA, CISM, CCSP, SSCP, GIAC Security Essentials

Preferred

Experience with cloud security (e.g., AWS, Azure, GCP)
Knowledge of security information and event management (SIEM) systems
Experience with incident response and forensic analysis
Familiarity with various security frameworks (e.g., SCDO, OWASP)
Experience with ethical hacking techniques
Experience with scripting languages (e.g., Python, PowerShell)
Ability to create and maintain security documentation

Company

Nightwing

twitter
company-logo
We are the intelligence services company that continually redefines the edge of the possible to keep advancing our national security interests.
people-size1001-5000 employees
web-link
https://nightwing.com

Funding

Current Stage
Late Stage
Company data provided by crunchbase