Apply on Employer Site

The Applied Research Laboratory at Penn State University · 12 hours ago

Cyber Security Systems Engineer

San Diego, CA

Full-time

Onsite

Senior Level, Lead/Staff

$86K/yr - $164K/yr

6+ years exp

The Applied Research Laboratory at Penn State University is seeking a self-motivated Cyber Security Engineer to join their Joint Mission Integration and Experimentation Division. The role involves defining and implementing cybersecurity architecture for cloud environments, collaborating with stakeholders, and ensuring security control validation across multiple domains.

Universities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Define, communicate, and implement cybersecurity architecture and administration processes for cloud environments across multiple network domains

Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to ensure design, implementation, verification, and continuous monitoring of cloud solutions across multiple domains

Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents operating within Cloud environments in alignment with existing RMF packages

Apply secure software engineering methodologies, security engineering principles, secure design and secure coding techniques along with the control selection, configuration and operation of applicable tools, including static analysis and dynamic analysis together with supporting processes. This includes testing of the system security requirements implementation across infrastructure to ensure security control validation as well as functionality

Perform application security assessments in a DevSecOps continuous integration and continuous deployment (CI/CD) environment in support of client cybersecurity efforts

Perform activities, including assessment planning, analysis, and reporting

Employs best practices when implementing security controls, secure architecture and design to include software engineering methodologies, security engineering principles, secure design and secure coding techniques along with the control selection, configuration and operation of applicable tools, including static analysis and dynamic analysis together with supporting processes. This includes testing of the system security requirements implementation across infrastructure to ensure security control validation as well as functionality

Responsible for the coordination, generation and oversite of RMF documentation for the successful accreditation of multiple cloud environments including the Cyber Security Strategy and Continuous Monitoring Plans as well as overall program lifecycle RMF requirements to include but not be limited to patch management, supply chain, change and defect management

Mentor and supervise team members, as needed

Interface with Information System Security Officers (ISSO) and Information System Security Managers (ISSM), including reviewing documentation, systems security plans (SSPs), risk assessment reports, accreditation packages, and Plan of Actions and Milestones (POA&Ms)

Work independently to develop RMF A&A documentation and artifacts to obtain RMF Authority to Operate (ATO)

Qualification

Risk Management Framework (RMF)Cybersecurity architectureCloud environmentsApplication security assessmentsSecurity engineering principlesNIST 800-53 complianceVulnerability managementAgile processDevSecOpsWindowsLinuxConfiguration managementGovernanceRiskComplianceCertifications CISMCertifications CISSPCertifications etc.Team mentoringTechnical documentation

Required

Multiple years of experience with developing Risk Management Framework (RMF) products and working through system accreditations to ensure RMF implementation across multiple environments

Experience in security focused system design that can be scalable across multiple domains while accounting for security requirements across multiple system architectures

Background providing subject matter expertise in a cyber domain, including vulnerability management and assessment, scanning tools, and assessing system compliance with security controls

Versed in reviewing policy, planning compelling evidence documents, and writing test results for NIST 800-53 / JSIG Security Controls and Assessment Procedures

Active TS/SCI security clearance

Master's Degree 8+ years of relevant experience; or an equivalent combination of education and experience accepted (if filled as Cyber Security Systems Engineer - Principal Professional)

Bachelor's Degree 6+ years of relevant experience; or an equivalent combination of education and experience accepted (if filled as Cyber Security Systems Engineer - Senior Professional)

Ability to obtain a government security clearance

Must be a U.S. citizen to apply

Preferred

Delivering configuration management (CM) for information system security software, hardware, and firmware

Past experience as a System or Network Administrator

Work experience with Windows and Linux environments

Ability to analyzing technical and policy documentation for DoD organizations

Developing training materials in compliance with DoD or DON RMF process training

Experience with eMASS, ACAS and applying STIGs

Governance, Risk, and Compliance (GRC), CISM, CCISO, CISSP, GIAC, GSLC, or CASP+ Certification

Benefits

Comprehensive medical, dental, and vision coverage

Robust retirement plans

Substantial paid time off which includes holidays, vacation and sick time

Generous 75% tuition discount, available to employees as well as eligible spouses and children

Company

The Applied Research Laboratory at Penn State University

The Applied Research Laboratory at Penn State University is an integral part of one of the leading research universities in the nation.

Founded in 1945

State College, Pennsylvania, USA

1001-5000 employees

https://www.arl.psu.edu

Funding

Current Stage

Late Stage

Leadership Team

James Dromazos

CFO and Director of Business Services

Company data provided by crunchbase