Cybersecurity Engineer

About The Position

Requirements

• DoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAM) Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC / SANS GIAC Security Leadership Certification (GSLC).
• DoD 8570/8140 Information Assurance System Architecture and Engineering (IASAE) Level III such as the ISC2 Certified Information Systems Security Professional – Information Systems Security Architecture Professional (CISSP-ISSAP).
• Computing Environment (CE) Certification: one or more of the following Microsoft Certified Solutions Associate (MCSA) or Expert (MCSE), Cisco Certified Network Associate (CCNA), Microsoft Azure Security Technologies, Amazon Certified Security, or other relevant computing environment certification.
• 10+ years of relevant information technology experience supporting cybersecurity or information assurance programs.
• 5+ years of Operational Technology (OT) cybersecurity experience.
• Demonstrated experience performing cybersecurity engineering activities including system security design, vulnerability assessment, and risk analysis.
• Experience supporting cybersecurity compliance assessments within large enterprise IT environments.
• Strong analytical and problem-solving skills related to cybersecurity engineering challenges.
• Experience working with enterprise IT infrastructure, network security, and cloud-based systems.
• Experience with STIG compliance cycles, vulnerability management, and POA&M governance.
• Strong technical writing skills producing RMF artifacts, policy/procedure documents, and audit-ready evidence packages.
• Strong facilitation skills for IPTs/WG sessions and cross-functional coordination.
• There is a Secret security clearance requirement for this role at time of proposal submission.
• Able to travel within a week's notice.

Nice To Haves

• TS with SCI eligibility.
• Experience supporting DoD or DLA program offices.
• Experience supporting DoD or DLA environments.
• BS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field.
• Project Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification.
• One or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler.
• Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP).

Responsibilities

• CS engineering and system security design
• Provide CS engineering support for the planning, design, development, testing, and integration of DLA information systems
• Analyze system architectures and infrastructure to identify CS risks and recommend improvements to system security design
• Integrate CS engineering principles into enterprise IT, cloud environments, and OT systems
• Support secure system architecture development and CS engineering documentation
• Conduct vulnerability assessment and risk analysis
• Conduct CS vulnerability assessments across DLA IT, Cloud, and OT environments
• Evaluate system configurations and architectures to identify potential vulnerabilities and security weaknesses
• Perform risk assessments to determine the likelihood and impact of identified CS threats
• Develop mitigation strategies and technical recommendations to reduce system risk and improve CS posture
• Provide information assurance engineering support
• Perform analysis of existing and emerging information systems to evaluate compliance with DoD and federal CS policies
• Conduct CS assessments and security test and evaluation activities to validate compliance with CS standards
• Support CS engineering reviews for both classified and unclassified information systems
• Provide technical analysis of proposed CS policies and assess their impact on system architectures and security operations
• Conduct CS compliance and security control validation
• Evaluate compliance of DLA systems with CS policies, standards, and regulatory requirements
• Identify areas of non-compliance and recommend remediation actions
• Support implementation of security controls aligned with enterprise CS architecture
• Assist with development and maintenance of CS standards, guides, and implementation documentation
• Provide CS documentation and reporting
• Develop CS engineering documentation including risk assessment reports, architecture assessments, and security engineering analyses
• Produce implementation documentation and technical reports supporting CS engineering efforts
• Document vulnerability findings and recommended mitigation strategies
• Provide status updates and technical reports supporting project activities and CS operations
• Perform OT security engineering
• Evaluate CS risks associated with DLA OT environments including industrial control systems and facility-related control systems
• Assess OT system architecture, network configurations, and system interfaces for potential vulnerabilities
• Provide CS engineering recommendations for OT system protection and risk mitigation

Benefits

• We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them.
• BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance.
• Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.