The Cybersecurity Engineer is responsible for performing cybersecurity assessments of large and complex Industrial, Space and C4ISR systems. The position will accredit systems through the Risk Management Framework (RMF) for DoD IT process. This position will develop, review, and critique assessment and authorization (A&A) documentation in compliance with DoD cybersecurity policy and agency guidance, including DoD 8500 series and NIST special publications. The Cybersecurity Engineer will assess program security compliance, support program briefs, and coordinate and compile program security documentation for various programs; provide A&A and cybersecurity support, including RMF, assessing compliance with security technical implementation guides (STIGs), reviewing automated scans, security test and evaluation (ST&E), vulnerability assessments, and computer security responses, and creating and managing RMF packages. Additionally, this position will be responsible for the planning of continuous monitoring of cybersecurity policies, programs, compliance artifacts, and standards in support of compliance, systems accreditation, and management. The Cybersecurity Engineer will perform technical audits and report findings directly to the customer by briefing customer/government leadership on technical vulnerabilities and prepare brief slides and summary of findings analyses. Lastly, the Cybersecurity Engineer will be expected to consult on the assessment of the effectiveness of an organization’s IT security training program. This position reports directly to the project manager.

Location

Philadelphia, PA

Shift

M-F, Days

Travel

15%

Minimum Security Clearance

Secret

Required Qualifications and Skills

• Act as the engineering and technology lead for designing secure network and implementing system security compliance policies.
• Conduct vulnerability assessments and security scans of both systems and networks to identify and mitigate security vulnerabilities.
• Conduct Risk Assessment analyses of results; identify potential for exploitations and assign risk levels to systems.
• Review and approve team’s analysis of vulnerabilities identified as being required for functionality; Present security and accreditation impacts from not closing these vulnerabilities to customers and recommend alternate courses of action.
• Perform quality assurance and approve information assurance-related reports and documentation generated by the team. Review status of all milestones.
• Provide SME expertise on current with threats/product vulnerabilities with a particular focus on how they relate to DOD systems.
• Participate in general engineering reviews and report on subjects affecting systems security.
• Consult with customers to gather and evaluate functional requirements and translate these requirements into secure technical solutions.

Education and Training Required

• Bachelor’s degree in Computer Science, Engineering or related field and five (5) years of experience or, in lieu of a Bachelor’s degree, ten (10) years of experience
• Certified Information Systems Security Professional (CISSP) designation or a GIAC Security Leadership Certificate (GSLC)
• DoD 8140 IAT II Certification

Minimum Years of Experience

3+

______________________________________________________________________________________________________________________________________

Gnostech is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status. For more information, please visit www.eeoc.gov
If this position requires a government clearance, the applicants selected will be subject to a government security investigation and must meet eligibility requirements for accessing classified information.
If you require assistance to complete this application, please contact the Staffing Coordinator at 719-219-7472 or staffinghr@gnostech.com