Are you looking for an opportunity to deepen your IT skills in a meaningful work environment that supports and protects explorers and heroes? Join our team! As a Systems Security Engineer III, you will be using your skills and expertise to design, test, and implement our secure operating systems, networks, security monitoring, and tuning. You'll be responsible for the management of our IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions, conducting risk and vulnerability assessments, and developing and implementing security controls. You'll research, evaluate, and recommend new security tools, techniques, and technologies in alignment with our IT security strategy and introduce them to the enterprise.
As a Systems Security Engineer III (SSE) at SNC, you will be at the forefront of safeguarding our systems throughout the acquisition lifecycle. You will play a critical role in ensuring the highest standards of cybersecurity and Information Assurance (IA) solutions for SNC and our valued customers. Your expertise will be pivotal in maintaining the confidentiality, integrity, and availability of our systems. By collaborating closely with system owners, administrators, engineers, and program managers, you will ensure that cybersecurity controls are effectively implemented and maintained throughout the system lifecycle. Join our dynamic and fast-paced environment, where your contributions will make a significant impact!
The Mission Solutions and Technologies (MST) business area provides affordable, turn-key command/control, communications, integrated ISR, force protection and security solutions worldwide. The MST team has a long legacy of supporting the Department of Defense, Department of Homeland Security, commercial and international customers with years of experience in platform operations, engineering and full lifecycle management across domains - air, land, sea, space and cyber. https://www.sncorp.com/company/business-areas/
Responsibilities:
Perform System Security Engineering (SSE) and Cybersecurity/IA job functions: establish and validate system boundaries; ensure comprehensive documentation of information systems, functionalities, data governance, and adherence to compliance standards and processes; collaborate with cross-functional teams to validate security requirements
Develop and manage security documentation in support of NIST 800-171 compliance activities, including System Security Plans (SSPs), Plans of Action & Milestones (POA&M), software and hardware inventory, network diagrams, INFOSEC policies, and configuration management processes, ensuring audit readiness
Provide input to CMMC documentation: Systems Security Plan (SSP), Plan of Action & Milestones (POA&M), Software/Hardware Inventory, Network diagrams, INFOSEC Policies and Procedure, Risk Assessment Report, and Configuration Management
Integrate security requirements: ensure cybersecurity requirements are effectively incorporated into information systems throughout the Systems Development Life Cycle (SDLC) using methodologies such as Agile and DevSecOps; implement secure design, architecture, and coding practices, with continuous feedback loops for ongoing security enhancements
Conduct security risk assessments: perform detailed risk assessments, including threat modeling and penetration testing, to identify vulnerabilities and tailor security controls to protect systems and information; stay updated with emerging threats and vulnerabilities to continuously enhance risk assessment practices
Lead configuration management: oversee the configuration management process, providing expert guidance during system development and acquisition to ensure security compliance; utilize tools such as ServiceNow and CMDB for effective configuration management and conduct regular audits and compliance checks
Coordinate compliance activities: conduct periodic and ad-hoc validation and security control assessments, ensuring ongoing compliance with NIST 800-171, corporate policies, program contracts, and all specific identified requirements
Enhance technical cybersecurity/IA skills: maintain and continuously develop your technical skillset in cybersecurity and information assurance, focusing on areas such as IT enterprise environments, cloud security, incident response, and system architecture reviews
Periodic travel to SNC, customer, and partner facilities to support program and business-wide activities
Follow SNC policies, processes, and procedures for all technical activities
Punctuality to work each day and prepared to work scheduled work hours
Other duties as assigned
Must-haves:
Bachelor's degree in Systems Security, Network Engineering, Information Technology, or related Engineering discipline and typically 6 years of relevant experience
Relevant experience may be considered in lieu of required education
DoDD 8140 IAT Level II *Required within 6 months of hire
Strong communication skills; ability to translate complex cybersecurity information into quantifiable business risk and communicate risk effectively to business and executive leaership
Cisco, Microsoft, Linux, Azure/Cloud or other technical certifications a plus
Knowledge of technical standards relating to systems security; UNIX, Linux, and Windows administration, experience with large-scale servers and large-scale enterprise IT environments, virtualization and containerization, cloud computing (Azure preferred), secure network architecture, cybersecurity stack experience (web filtering, SSL inspection, DLP, antivirus, firewalls, PCAP, SIEM, etc.)
Solid understanding of at least one security framework (preferably NIST 800-171), NIST 800-53 second preferred
Ability to balance cybersecurity requirements with SNC's mission, goals, and culture
Strong critical thinking and problem solving skills; self-motivated with ability to effectively prioritize multiple projects; ability to work with people in a team environment and flexibility through learning and adaptation
Ability to manage time, make sound decisions, take independent action, analyze problems and provide focused solutions
High degree of attention to detail
Preferred:
ISSM CAP, CISSP, or CISM Certification
ISSE CAP, CISSP-ISSEP Certification
CISSP, Security+, ISSO Security+, CISA, or CASP+ Certification
MCSE, Linux, and/or CCNP Security Certification
Azure cloud certifications, or other relevant cloud certification Other relevant IT and/or technology certification
Estimated Starting Salary 95,298.10 - 131,034.89 USD Annually
SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more (https://www.sncorp.com/careers/total-rewards/) .
IMPORTANT NOTICE:
This position requires the ability to obtain and maintain a Secret U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.
Learn more about the background check process for Security Clearances. (https://www.dcsa.mil/About/)
SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We're known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation's most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!
As an Equal Opportunity Employer, we welcome our employees to bring their whole selves to their work. SNC is committed to fostering an inclusive, accepting, and diverse environment free of discrimination. Employment decisions are made without regarding to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran or other characteristics protected by law. Contributions to SNC come in many shapes and styles, and we believe diversity in our workforce fosters new and greater ways to dream, innovate, and inspire.