Senior Cybersecurity Engineer

Sigma Defense is seeking a Senior Cybersecurity Engineer to document, advise, and assist in building a Cross Domain Solution (CDS) and perform Information Assurance (IA) Engineering functions across multiple networks. The ideal candidate is willing to work on a new program and help to implement the security package from the ground up.

Requirements

• 10+ years of relevant experience.
• Comprehensive knowledge of DoD cybersecurity requirements and the Risk Management Framework.
• Experience in developing and implementing security into infrastructure, platforms, and software across key tasks and high impact assignments.
• Experience applying CNSSI 1253 and NIST SP 800 series standards.
• Experience applying DISA Security Technical Implementation Guides (STIG) and Security Requirement Guides (SRG) standards, particularly Cloud Computing SRG.
• Knowledge of NCDSMO policies and processes and Raise-the-Bar standards for cross-domain technologies.
• Experience with web-based Assessment and Authorization platforms (e.g., Xacta).
• Understanding of cybersecurity threats and countermeasures.

Mandatory Credentials:

• CISSP
• Security+

Computer Programs/Software:

• SCAP
• ACAS
• VISO
• Wireshark

Personnel Clearance Level:

• Candidate must possess or have the ability to obtain an active, DoD-issued TS/SCI clearance.

Education Requirements:

• Bachelor's degree from an accredited college or university in Cybersecurity or related field of study.

Essential Job Duties (not all-inclusive):

• Provide cybersecurity expertise for system security engineering and assessment and authorization activities.
• Work with other cybersecurity personnel and system engineers to evaluate new capabilities and determine the appropriate RMF assessment and authorization approach for new systems or capabilities; or updates/changes to the existing authorization package.
• Integrate cybersecurity assessment activities into test plans and conduct said activities to inform Site-Based Security Assessments for cross-domain technologies; generate associated test reports.
• Generate and maintain the system RMF Body of Evidence per CNSSI 1254.
• Support continuous monitoring using established vulnerability management processes outlined in NIST 800-53 series and CNSSI 1253.
• Run monthly ACAS scans to identify vulnerabilities that require remediation or mitigation.
• Identify and implement required configuration updates based on the latest DISA Security Technical Implementation Guidelines (STIG) on a quarterly basis using SCAP tools as well as manual review processes.
• Develop and maintain Plans of Actions and Milestones (POA&Ms) to mitigate findings from the vulnerability scans and STIG review.
• Provide updated security artifacts based on changes to the system baseline.
• Provide updated information and/or documentation to the government customer.

Salary Range: $150,000-$180,000 annually.

Benefits:

• Dental and Vision Insurance
• Medical Insurance to Include HSA, FSA, and DFSA Plans
• Life and AD&D coverage
• Employee Assistance Program (EAP)
• 401(k) Plan with Company Matching Contributions
• 160 Hours of Paid Time Off (PTO) with Carry-Over up to 240 hours