Systems Security Engineer
- Posted 6 Days Ago
- Full time
- Herndon, VA
Sierra Nevada Corporation (SNC), in Herndon VA is working on medium to large scale information and technology solutions. We work on deep technical problems that span a variety of missions. We are seeking a Systems Security Engineer who feels strongly about supporting and improving these solutions to make an impact on our customers’ missions. As a Systems Security Engineer at SNC, you will have the opportunity to support multiple programs across the organization. You will apply Information Technology(IT) and cyber security approaches/methodologies to a wide variety of information systems, in support of our government customers. As an SNC Systems Security Engineer, you will design, test, implement, and assess secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
PRIMARY RESPONSIBILITIES INCLUDE:
- Conduct risk and vulnerability assessments at the network, system and application level.
- Conduct threat modeling exercises.
- Develop and implement security controls.
- Formulate operational risk mitigations.
- Assist in security awareness across the project team, program managers, and SNC leadership.
- Be involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Research, evaluate and recommend new security tools, techniques, and technologies.
- Prepare security reports to regulatory agencies.
- Perform and/or support Security Audits.
- Facilitate Authority To Proceed (ATP), Interim Authority To Test (ATT), and Authority To Operate (ATO) efforts.
- Decompose security requirements into product backlog items.
- Brief internal and external stakeholder decision-makers on security risks and alternative courses of action through mediums such as presentations, documentation, and discussions.
REQUIRED EXPERIENCE AND SKILLS:
- Bachelor of Science degree or higher in cyber security, computer science, software engineering or a related technical field.
- 3+ years of applicable experience with Risk Management Framework (RMF).
- Experience building and/or maintaining security systems.
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Experience with developing security test plans, Plan of Actions & Milestones (POA&Ms), and other ATO artifacts
- Experience running vulnerability scans and Security Technology Implementation Guide (STIGs), as well as understanding and mitigating findings.
- Thorough understanding of the latest security principles, techniques, and protocols.
- Excellent communication skills, both verbal and written.
- Ability to work both independently and as part of a team.
- Strong problem solving skills.
- Ability to obtain a DOD clearance required.
DESIRED EXPERIENCE AND SKILLS:
- Prior experience as a system security engineer or information security engineer.
- Experience with network security and networking technologies and with system, security, and network monitoring tools.
- Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols.
- Detailed technical knowledge of database and operating system security.
- Experience working within an agile program environment.
- Experience with agile tools such as JIRA and Confluence.
- Understanding of cloud architecture.
- DoD TS/SCI Security Clearance.
This position requires an active Secret U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-US citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the US, foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.