Product Security Engineering 2 jobs in United States
cer-icon
Apply on Employer Site
company-logo

LanceSoft, Inc. · 3 months ago

Product Security Engineering 2

positionSt Charles, MO
timeFull-time
remoteOnsite
seniorityEntry, Mid Level
money$56.79/hr - $64.90/hr
date1+ years exp

LanceSoft, Inc. is seeking a Product Security Engineer to join their team at Encode, Inc., a fully owned subsidiary. The role involves assessing and maintaining the security posture of advanced weapons programs while collaborating with cyber compliance teams to remediate vulnerabilities.

Information Technology
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Assess organization-wide security and privacy risk and update assessment results on an ongoing basis
Perform system analysis and develop system test for cyber threats, cyber test activities, and the cybersecurity of large-scale events
Ensure product security engineering development lifecycle is followed, with an emphasis on clear requirements development/verification (using CAMEO)
Perform criticality analysis to include the ability to work with suppliers, identify critical components, and integrating them into the overall system
Perform cyber risk assessments and develop risk mitigation plans (i.e., POA&Ms, SCRM, etc.) using a variety of tools including but not limited to CAMEO
Support and facilitate various ATO/IATT packages including processing IAVMs and CTOs for the same
Perform software assurance tasks, including but not limited to software assurance risk reports
Support proposal development efforts, including but not limited to: BOE generation, GR&A development, trade study analysis
Support the engineering installation & analysis of patches and various system updates and upgrades to determine system consequence of these changes
Attend, collect data from, out brief, and facilitate collaboration and project management from various program boards
Applying Security Technical Implementation Guides (STIGs)
Managing and addressing any Cyber Tasking Orders (CTOs) related to the Cyber Tools
Documentation and verification of all installation and configuration steps for the labs and operations deliveries
Providing feedback to Cyber Leadership and engineers to improve the cybersecurity tools and processes
Collaborating with local Information System Security Officers (ISSOs) to ensure compliance with relevant cybersecurity standards and regulations
Support cyber threat intelligence activities
Support the development and maintenance of cyber scanning, patching, remediation, tools and applications
Support, as required, TEMPEST, DFARS, COMSEC, CNSSI, and other compliance drivers as needed
Perform and/or support the development of tools for cyber forensics
Develop, define efficiencies and improvements to tools to improve team productivity
Perform system analysis trade studies to define technical concepts and solutions

Qualification

DoD 8570 CertificationProduct Security EngineeringCybersecurity FrameworksCAMEOWindows/RHEL System AdminAudit Tools ScriptingSoftware AssuranceFISMA/RMF ComplianceAnalytical SkillsCommunication SkillsCollaboration SkillsOrganizational Skills

Required

Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science
Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g., Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA)
1+ years of experience in product security / cybersecurity engineering
1+ years of experience with industry standard cybersecurity frameworks (NIST, OWASP, DFARS)
Experience using analytical, collaboration, communication and organizational skills
This position requires an active Top Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Preferred

Experience using CAMEO (proficiency preferred)
2+ years of experience in Windows/RHEL System admin experience, installing, tuning & troubleshooting Cyber Tools to include ESS/HBSS, ConfigOS, Splunk, etc
2+ years of experience in configuring, running, and scripting audit tools
2+ years of experience using knowledge of Software Assurance (SwA) static and/or dynamic code analysis (e.g. Fortify)
Experience with Federal Information Security Management Act (FISMA)/RMF and National institute of Standards and Technology (NIST) 800-53 requirements
Experience leading system and component level cyber test and evaluation, including threat and security assessments, and tabletop exercises
Experienced self-starter with strong written and oral communication skills, and a focus on translating technically complex issues into simple, easy to understand concept
Growing understanding of DoD defense systems architectures and communications system concepts, mission, and common system test and data analysis techniques

Company

LanceSoft, Inc.

twittertwitter
Glassdoor4.1
company-logo
Established in 2000, LanceSoft is a pioneer in delivering top-notch Global Workforce Solutions and IT Services to a diverse clientele.
dateFounded in 2000
location
Herndon, Virginia, USA
people-size5001-10000 employees
web-link
http://www.lancesoft.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Ram Karuppusamy
Chairman & CEO
linkedin
leader-logo
Simon Dealy
Chief Financial Officer
linkedin
Company data provided by crunchbase