Sr Cybersecurity Engineer

Sci Tec, Inc. is a dynamic small business with the mission to deliver advanced sensor data processing technologies and scientific instrumentation capabilities in support of National Security and Defense. Sci Tec supports customers throughout the Department of Defense and U.S. Government in building innovative new tools to deliver unique world-class data exploitation capabilities.

Important Notice:
Sci Tec exclusively works on U.S. government contracts that require U.S. citizenship for all employees. Sci Tec cannot sponsor or assume sponsorship of employee work visas of any type. Further, U.S. citizenship is a requirement to obtain and keep a security clearance. Applicants that do not meet these requirements will not be considered.

Sci Tec has immediate opportunities for experienced Staff and Senior Staff Cybersecurity Engineers.

• Stay up to date with latest revisions of NIST RMF revisions and develop/update policy documents as needed
• Document and implement security of the Continuous Integration (CI) pipelines in Git Lab CI/CD using JFrog Artifactory, Sonar Qube, and Ansible
• Develop threat models and other required documentation that describe end-to-end security of the SDLC
• Manage integration, security scanning, and deployment security of multiple applications into orchestrated frameworks
• Ensure software promotions comply with government security policies at all classification levels
• Manage AWS (Gov Cloud) security to maintain integrity of software artifacts
• Other duties as assigned.

• Bachelor’s degree in cybersecurity, computer science, engineering, mathematics, or physical sciences
• At least two years of professional experience building and executing Dev Ops or Dev Sec Ops  solutions using Continuous Integration / Continuous Deployment (CI/CD)
• Demonstrated experience in NIST RMF, CMMC, and STIG compliance
• Demonstrated experience in applying security best practices to containerized solutions and orchestration frameworks such as Docker, Podman, Kubernetes, etc.
• Demonstrated cybersecurity protocols are followed in development, test and production environments
• Knowledgeable with different types of software licenses (Public Domain, LGPL, Permissive, Copy Left, Proprietary)
• The ability to obtain and maintain a DoD security clearance
• Ability to work 100% on-site
• Detail oriented
• Good verbal and written communication skills

• Demonstrated experience with static and dynamic analysis tools
• Demonstrated experience with software package artifact management using JFrog Artifactory, Nexus or similar
• Experience with software vulnerability assessment and remediation using SAST/DAST and tools like Sonarqube
• Experience with Python3 or C++
• Experience with container security tools such as Grype, Syft, Snyk, etc.
• Systems and service administration in a Linux environment, including the installation and maintenance of applications supporting CI/CD like Gitlab, etc

* Resumes, Cover Letters, and Applications which are generated by AI will not be considered for employment.*

• 3% Fully Vested Company 401K Contribution (no employee contribution required)
• 100% company paid HSA Medical insurance, with a choice of 2 buy-up options
• 80% company paid Dental insurance
• 100% company paid Vision insurance
• 100% company paid Life insurance
• 100% company paid Long-term Disability insurance
• Short-term Disability insurance
• Annual Profit-Sharing Plan
• Discretionary Performance Bonus
• Paid Parental Leave
• Generous Paid Time Off, including Holiday, Vacation, and Sick Pay
• Flexible work hours

The pay range for this position is $87,000 - $130,000 / year. Sci Tec considers several factors when extending an offer of employment, including but not limited to the role and associated responsibilities, a candidate's work experience, education/training, and key skills. This is not a guarantee of compensation.

Sci Tec is proud to be an Equal Opportunity employer. VET/Disabled.