Cyber Security Engineer with Security Clearance

Cyber Security Engineer with Security Clearance

Title: Cyber Security Engineer
Location: Reston, VA
Clearance: Active TS/SCI w/ Polygraph needed to apply

Company Overview: Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Our most prized assets are our employees, and we focus on improving their overall work/life experience supporting the mission.

The Sponsor is seeking support in the domain of Endpoint Security Engineering, primarily working in a mission technology area that uses multiple IT systems and networks operating in both secure and unsecure environments. The unsecure cloud networks are primarily within Amazon Web Services (AWS) and Microsoft Azure.

The Cyber Security Engineer will provide risk mitigation recommendations for systems and applications and support information security policies, regulations, and technical implementations regarding facets of cyber operations and the Sponsor's Accreditation and Authorization (A&A) process.

Key Responsibilities:

1. Provide support to project teams overseeing the Sponsor's A&A platform and streamline communications/processes between projects, ISSMs, and Sponsor Cyber Security teams.
2. Shepherd an educational initiative for system evaluation against NIST 800–53, Risk Management Framework (RMF), DISA STIGS, Zero Trust M–22–09, FedRAMP, and other security standards.
3. Orchestrate the acceleration of control selection and acceptance for project teams and system owners towards Approval to Operate (ATO).
4. Participate in or shepherd technical exchange meetings and application review boards to verify and validate systems security controls.
5. Provide routine briefings on system status and mitigation activities as required by the Sponsor.

Minimum Requirements:

1. (Mandatory) Demonstrated experience with A&A processes and procedures.
2. (Mandatory) Demonstrated experience providing vulnerability guidance as it pertains to analysis results and mitigation plans for addressing security problems.
3. (Mandatory) Demonstrated experience providing risk mitigation for systems and applications in the cloud environment.
4. (Mandatory) Demonstrated experience reviewing reports generated by Nexpose, AppDetective, RunZero, and WebInspect.
5. (Desired) Demonstrated experience leading A&A teams, security initiatives, and executive level briefings.
6. (Desired) Demonstrated experience leading Technical Exchange Meetings regarding A&A and project status updates.
7. (Desired) Demonstrated experience providing guidance and writing Standard Operating Procedures for project teams which expedites the A&A Process.
8. (Desired) Demonstrated experience recommending continuous process improvement on A&A processes within the Sponsor's environment.