Satellite Communications Systems Security Engineer, Mid

About The Position

Requirements

• 3+ years of experience developing, testing, validating, and implementing STIG requirements for systems, conducting periodic self-assessments of systems to ensure STIG compliance, and creating STIG checklists to support periodic self-assessments
• 3+ years of experience performing IAVM activities such as IA Vulnerability Alerts (IAVA), bulletins, tasking orders, and technical advisors, to develop a systematic approach for responses to IAVM issues impacting system security posture, and developing engineering solutions and coordinating responses with cybersecurity leadership to ensure system security solutions are compliant
• 3+ years of experience implementing and validating technical solutions for Endpoint Security Solutions (ESS), Assured Compliance Assessment Solution (ACAS), and Continuous Monitoring and Risk Scoring (CMRS) for capabilities, including assessing ACAS scans, developing engineering strategies for vulnerability remediation, documenting assessment results and mitigations in vulnerability management reports, and testing and deploying patches or upgrades required for vulnerability remediation
• 3+ years of experience reviewing and validating engineering and cybersecurity change requests to ensure proposed changes will not negatively affect system operational availability and meet security compliance requirements
• Knowledge of RMF and its applicability to network and IT infrastructures such as Cisco routers, switches, active directory, and access control
• Ability to perform user management in Windows or Linux operating system, and virtual machine management with VMware or Microsoft Hyper-V
• Ability to execute, analyze, secure, and accredit DoD communication systems using RMF methods and techniques, perform IAVA analysis and resolution, document POA&Ms, and create security documents necessary for assessments
• Top Secret clearance
• Bachelor’s degree in a Science, Technology, or Engineering field
• Security+ Certification

Nice To Haves

• Possession of excellent verbal and written communication skills
• Cybersecurity Certification such as CISSP or Certified Ethical Hacker Certification, or Networking Certification such as Network+ or Cisco Certification
• Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

Responsibilities

• Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.
• Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises.
• Perform risk and vulnerability assessments in network, system, and application areas.
• Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise.
• Participate in the development of test strategies and conduct of testing, validating, and implementing applicable STIG requirements for current or new systems.
• Conduct periodic self-assessments of systems to ensure STIG compliance.
• Create STIG checklists to support periodic self-assessments.
• Perform Information Assurance Vulnerability Management (IAVM) activities such as IA vulnerability alerts, bulletins, and tasking orders.
• Develop a systematic approach for responses to IAVM-related issues, to maintain system compliance.

Benefits

• Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care.
• Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values.
• Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.