Senior Cybersecurity Engineer SME

!! Only apply if you have at least an active secret clearance !!

Job Title: Senior Cybersecurity Engineer (CSE) Subject Matter Expert (SME) with DevSecOps experience

Location: Dulles, VA
Duration: Contract to Hire

Qualifications:

• Active Secret (S) clearance. Must be able to obtain a TS/SCI clearance
• Must be able to obtain DHS Suitability

Job Summary:

We are seeking a Senior Cybersecurity Engineer (CSE) Subject Matter Expert (SME) with DevSecOps experience to support the deployment of advanced cybersecurity capabilities. The Senior CSE SME role is to effectively support Authorization and Accreditation (A&A) efforts through cyber risk assessment, policy analysis, National Institute of Standards and Technology (NIST) security control validation, and DHS 4300A system requirements. Provide expertise through recommendations associated with cybersecurity security test and evaluation, system vulnerability and compliance in support of Authorization and Accreditation (A&A) as well as continuous monitoring throughout the System Development Life Cycle within our digital environment e.g. Azure, AWS.

Job Responsibilities:

Identify security requirements for the system; 
Ensure security requirements are planned, implemented, and tested; Support vulnerability testing of all code before submitting to Security, Testing, and Evaluation (ST&E) 
Responsible for reviewing and commenting on security risks and security issues related to any Change Requests, Infrastructure Change Requests, and Configuration Change Requests 
Responsible for reviewing Port Open Requests (PORs) 
Review and input into the CONOPS 
Work with the ISSOs to gather security controls and documents to include writing and management updates with subject matter experts 
Responsible for any technical insertions 
Responsible for reviewing and tracking POA&Ms 
Pre-ST&E testing when able/applicable 
Work with the ST&E team to ensure the testing target is accessible and ready (Checklist and regular meetings)
Work with ISSO, ISSE, and Security Control Accessors (SCA) to verify security approach in support of an ATO/ATP decision 
Work with the vulnerability management team to access and test the target (app/system) 
Work with the team to ensure the compliance and vulnerability findings are remediated, (or mitigated 
Monitor IAVM notifications from multiple channels and ensure actions for relevant issues are planned and implemented.
Take action to ensure the security of the development environment

Job Required Qualifications:

Bachelor’s degree in Cyber Security, Information Security, Software Engineering, or a related discipline is required. [Ten (10) years of experience (for a total of eighteen (18) or more years) may be substituted for a degree
Active Secret (S) clearance. Must be able to obtain a TS/SCI clearance 
Must be able to obtain DHS Suitability 
8+ years of directly relevant cyber security engineering experience 
2+ years’ experience with Agile software development programs 
Experience in intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis 
Experience with standard security principles, policies, and industry best practices 
Practical experience hardening IT systems in compliance with STE/STIG guidelines 
Experience and knowledge of networking (TCP/IP, topology, sockets, and security), operating systems (Windows/UNIX/Linux), and web technologies (Internet security)

Job Desired Qualifications:

Understanding of security technologies and concepts, experience in the design and implementation of secure network solutions including DMZs and web portals 
Knowledge of Information Assurance and Information Operations technologies and development activities 
Understanding of the processes and guidelines for Authorizing & Accrediting (DCID, ICD, NIST 800-53, SANS 20) information systems based upon experience on a large-scale development program 
Possesses or quickly develops a comprehensive understanding of Government Information Security policies, regulations, and guidelines

Job Benefits:

Comprehensive Benefits: Health, dental, and vision coverage for you and your family.
Financial Security: Build a strong future with our 401(k) plan.
Work-Life Balance: Generous Paid Time Off (PTO) and sick leave policies.
Professional Growth: Ongoing learning and development opportunities.
Cutting-Edge Environment: Work with the latest tools and technology.
Inclusive Culture: Thrive in a diverse and collaborative workplace.
Employee Assistance Program: Confidential counseling and support services.
Wellness Initiatives: Fitness classes and mental health resources.
Community Engagement: Contribute to positive change through volunteer programs.