Cyber Security Engineer with Security Clearance

Cyber Security Engineer with Security Clearance

Job Title: Cybersecurity Engineer
Job Location: per contract location or per Rampant Office locations:
Virginia - Chantilly
Florida - Sarasota

I. Company Summary
Rampant employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At Rampant, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. Rampant is an Equal Opportunity Employer.

II. Job Summary
A Rampant Technologies Cybersecurity Engineer (CSE) is a key resource that is a part of the Rampant team reporting to the Principal Engineer overseeing the CSE team to deliver innovative Cyber Security solutions that are in alignment with the company's goals. The CSE will be tasked to execute against Contract level programs/projects/sub-projects that are within their immediate supervising PE's contract portfolio and/or to matrixed sister contracts managed by other PEs. The CSE position assists the Principal Engineers (PE) on their assigned Contracts with the planning and support and implementation of existing and new contracts plus helps assess opportunities for expansion of existing business and/or help identify net new opportunities.

III. Essential Duties & Responsibilities

1. SME on problem identification, diagnosis, and resolution of problems
2. Develop best practices for processes and standards that will better the system
3. Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirements.
4. Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones.
5. Perform hardening of ops systems, COTS and open-source product
6. Validate best practices in Penetration testing, Configuration analysis, and Security
7. Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing.
8. Generate/maintain security accreditation artifacts associated with RMF process.
9. Perform timely updates in accreditation DB
10. Provide technical guidance focused on information security architecture.

IV. Key Skills, Education & Experience

Education: Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline. Without a degree then total of Twelve (12) years of Cybersecurity Engineer experience may be substituted for a bachelor's degree.

Required Experience and Skills: Minimum of eight (8) years' relevant experience as a Cybersecurity Engineer in programs and contracts of similar scope, type, and complexity is required; ideally three (3+) years of direct experience in the same level/grade for like role.

Techno functional knowledge of/experience in:

1. Execution of the Assessment & Authorization (A&A process) in accordance with government requirements (e.g. ICD-503)
2. Information systems security and continuous monitoring practices and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.
3. Integrity, availability, authentication, and non-repudiation concepts
4. IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)
5. Network access, identity, and access management (e.g., public key infrastructure PKI)
6. Security system design tools, methods, and techniques
7. Relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure.
8. TCP/IP networking technologies, Linux account administration, Linux folder permissions, Patch Management best practices on Operating Systems and applications.
9. Continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems.
10. Virtualization technologies (e.g. VMWare, Docker)
11. OSI model and how specific devices and protocols interoperate.
12. DoD/IC system security control requirements
13. XACTA and SNOW
14. Security testing and penetration tools that include Assured Compliance Assessment Solution (ACAS), Wireshark, Retina, Tripwire, etc
15. Hands on experience and proficiency with the full Microsoft Office Suite and tools such as Microsoft Project, Microsoft Visio

V. Certifications & Credentials:

• Must have certifications (certifications with indicate willing to hire if certification is within 3-6 months of finalizing): Active TS/SCI w/ Poly clearance required
• Current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment.
• MUST meet DoD 8570 IAT Level III requirements
• IAT Level II Certifications (Security+ or equivalent)

VI. Language Skills
All output, communications, materials will be generated in English.

VII. Physical Demands
Predominantly stationary, office centric work.