More jobs:
Job Description & How to Apply Below
Cydecor is a premier Federal Government solutions provider, delivering differentiated innovations in mission systems and business platforms. We leverage leading-edge secure systems and software development, backed by industry-leading subject matter expertise, and business intelligence to enable decision-support and remain ahead of ever-evolving national security challenges. Our success rests squarely on three bedrock principles:
People, our center of gravity;
Mission, what inspires us; and an unyielding commitment to Excellence, what separates us.
Job Description:
We're looking for a cybersecurity engineer to support a large Navy readiness reporting program. The work is a mix of RMF and ATO sustainment, vulnerability management, and day-to-day cybersecurity engineering across an interconnected set of applications. You'll spend time in eMASS, in scan results, and in conversation with developers, sysadmins, and a small cyber team - not in isolation. If you like the operational side of cybersecurity - keeping systems accredited, closing real findings, and writing things down so they make sense to the next person - this is that role.
Responsibilities include:
Primary Responsibilities:
* Maintain RMF accreditation packages in eMASS: security plans, control evidence, test results, and POA&Ms.
* Triage and disposition IAVAs and other cybersecurity directives. Track remediation to closure.
* Support ATO submissions and ongoing continuous-monitoring work as systems and their environments change.
* Apply STIGs. Run vulnerability scans. Recommend and implement fixes that actually close findings, not just hide them.
* Document what you do. Other people need to be able to pick it up and keep going. Additional duties and Responsibilities of the Cybersecurity Lead Engineer include, but are not limited to the following:
* Keep your skills current. The DoD cyber landscape doesn't sit still and neither should you.
* Communicate findings and risk clearly - in writing and out loud.
* Help build the team's reusable patterns and procedures. Make the next ticket easier than the last one.
* Own your work. Escalate real problems early; don't let them age. Here's what you need:
* 5+ years in cybersecurity engineering, with 3+ years specialized in network security (firewalls, IPS, access controls, cross-domain solutions).
* 3+ years implementing RMF for DoD systems.
* Hands-on eMASS experience. Comfortable in scanners (ACAS/Nessus or equivalent), STIG application, and POA&M management.
* Experience triaging and dispositioning IAVAs and other cybersecurity directives.
* IAM Level II Information Assurance Certification (per DoDI 8570.01-M and SECNAV M-5239.2), or equivalent under DoDM 8140.03 at Basic or Intermediate proficiency. Bonus Points If You Have:
* CISSP, CISM, CySA+, GSEC, or similar;
Qualified Navy Validator designation; prior work on Navy or DoD systems; cloud security experience. Security Clearance:
* DoD Secret Clearance
Education:
* Bachelor's degree in computer science, cybersecurity, engineering, or a related technical field. Master's a plus. Additional relevant experience can substitute for the degree.
Work Schedule:
* M-F, 8 hours Compensation and Benefits:
Cydecor offers a comprehensive compensation package including Health and Dental Insurance, Vision and Life Insurance, Short-Term & Long-Term Disability, 401(K) + company match, Paid Time Off (PTO), Paid Company Holidays, Tuition and Professional Development Assistance and more. What We Believe We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization.
As a business imperative, every person at Cydecor has the responsibility to create and sustain an inclusive environment. Key Words:
Cybersecurity Engineer, Cyber Security Engineer, Information Assurance Engineer, Information System Security Engineer, ISSE, Cybersecurity Specialist, Cyber Engineer, RMF Engineer, RMF Analyst, Cybersecurity Analyst, Security Engineer, Security Compliance Engineer, Security Controls Assessor, Information Assurance, IA, Information Security, Cyber Defense, Cyber Operations, Risk Management Framework, RMF, Authorization to Operate, ATO, Continuous Monitoring, Con Mon, eMASS, Enterprise Mission Assurance Support Service, Security Authorization, NIST RMF, NIST 800-53, Security Controls, Security Assessment, Security Documentation, Security Plans, SSP, Plan of Action and Milestones, POA&M, Vulnerability Management, Vulnerability Assessment, Vulnerability Remediation, Vulnerability Scanning, ACAS, Nessus, Security Technical Implementation Guides, STIG, STIG Compliance, Security Compliance, Configuration Management, IAVA, Information Assurance Vulnerability Alerts, Cybersecurity Directives, Patch Management, System Hardening, Network Security, Firewall Management, Intrusion Prevention Systems, IPS, Access Controls, Cross Domain Solutions, CDS, Security Engineering, Systems Security Engineering, Enterprise Security,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×