M.C. Dean, Inc. · 8 hours ago
Cyber Engineer 4 - Annapolis Junction, MD
M.C. Dean is Building Intelligence, designing and maintaining cyber-physical solutions for critical facilities and enterprises. The Cyber Engineer 4 will work with a team to implement cybersecurity measures and ensure compliance with security standards for complex systems.
Information Technology
Responsibilities
Design, implement, and maintain Department of Defense provided Security and Vulnerability tools including Host Based Security System (HBSS), Splunk, and Microsoft Defender for Endpoints
Support authorization/reauthorization efforts in alignment with the Department of Defense Risk Management Framework (RMF), NIST 800-53 (e.g. develop and apply Active Directory Group Policy Objects, develop deployment packages, etc.)
Analyze new security requirements, define courses of action, and design enterprise solutions, coordinating with engineering and operations teams to implement within the environment
Formalize and execute a process for communicating vulnerability results in a manner understood by technical and non-technical stakeholders based on risk tolerance and impact to the environment
Leverage vulnerability database sources to understand each weakness, its probability and remediation options, including vendor-supplied fixes and workarounds
Design, implement, and maintain scripts used in asset discovery and vulnerability status
Conduct continuous independent discovery and vulnerability scans/security assessments of enterprise-wide assets and proactive control testing
Set up and execute Nessus scans; establish automated reporting
Document, prioritize, and formally report asset and vulnerability state, along with remediation recommendations and validation
Coordinate with system owners and system administrators/technical points of contact to identify system vulnerabilities, conduct vulnerability analysis, and formulate remediation strategies
Develop packages for complex remediation efforts and coordinate with vulnerability remediation specialists for deployment
Support and monitor patch management compliance across the infrastructure to align to audit requirements
Identify and apply DISA Security Technical Implementation Guide (STIG) benchmarks
Conduct manual STIG reviews
Support preparation of Plan of Action & Milestones (POAM) development to support compliance and authorization/reauthorization activities
Prepare and disseminate regular Cyber Compliance/vulnerability reporting; interact with the customer to explain results and address issues
Contribute to the development of Standard Operating Procedures, Work Instructions, User Guides, and checklists
Work as a team to consistently learn and share advanced skills and foster team excellence
Actively collaborate with the ISSO to develop, maintain, and enhance cyber security controls
Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface
Qualification
Required
ACTIVE TS/SCI w/ Poly clearance REQUIRED
5+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity
7+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity
Working with industry and government agencies on the design of platforms and integrated systems
Working on government and/or commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.)
Proficiency with ACAS and HBSS and mitigation strategies
Developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS
Establishing, managing, and tracking of Plan of Action & Milestones (POA&M)
Applying STIGs to servers, databases, applications, and other hardware
Security Readiness Review (SRR) Tools (scripts and ACAS)
Ability to identify, maintain, and troubleshoot control network components
Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation
Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility
Working knowledge of operational control systems and implementing a variety of security assessment tools
Working knowledge of other operational control systems
Familiarity with DoDIN CCRI/CCORI and CYBERCOM TASKORDS
Familiarity with various industry products
One of the required certifications: CASP CE, CISSP, CISSP-ISSAP, CISSP-ISSEP, CSSLP, CISA, CISM, GCED, GCIH
Strong Oral, Written and Presentation Skills with the ability and experience communicating directly with Customers
Demonstrated background working with multidisciplinary teams
Demonstrated time management and organization skills to meet deadlines and quality objectives
Preferred
Strong MS Excel, Word, PowerPoint, AutoCAD, Cameo and Visio skills are a plus
Benefits
Medical, dental, vision, life, and disability insurance
Paid time off
Tuition reimbursement
401k Retirement Plan
Military Reserve pay offset
Paid maternity leave
Company
M.C. Dean, Inc.
M.C. Dean, Inc. offers comprehensive technological systems in Washington.
Funding
Current Stage
Late Stage
Company data provided by crunchbase