Overview
SimTech, Inc., recognized as one of the 2024 Best Places for Working Parents, is seeking a Cyber Security Engineer to join our dynamic and diverse team in Huntsville, AL. This is an immediate opening with opportunities for growth and professional development in support of the Missile Defense Agency (MDA) Engineering Directorate Modeling and Simulation (M&S) office (DES) team supporting Objective Simulation Framework (OSF).
Responsibilities
Perform technical work utilizing the Risk Management Framework (RMF) process including analyzing and solving Information Assurance (IA)-related technical problems.
Utilizing best practices and methods for monitoring, auditing, and measuring risk, compliance, and assurance efforts.
Ensuring risk, compliance, and assurance efforts conform to Department of Defense (DoD) security, resilience, and dependability requirements at the software application, system, and network levels.
Documenting preliminary or residual security risks for system operation.
Verifying that the software application/network/system authorization and assurance documentation is current.
Monitoring and evaluating a system's compliance with DoD security, resilience, and dependability requirements, including performing validation steps, comparing actual results with expected results, and analyzing the differences to identify impact and risks.
Provide an accurate technical evaluation of the software application, system, or network, documenting the security posture, capabilities, and vulnerabilities against applicable NIST controls. Recommend new or revised security measures and countermeasures based on risk analysis, then verify that security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
Responsible for the operation of DoD tools and a security monitoring and auditing solution utilizing a COTS product (e.g., Elastic Endpoint Security Solutions (ESS)) and industry-wide best practices.
Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in the security plan.
Conduct annual inspections to validate system updates and configuration compliance utilizing technical scans and physical observations at domestic and foreign sites (approximately 10% travel).
Data collection, documentation and reporting on all the above responsibilities as required. Perform other duties as assigned to realize mission success.
Minimum Qualifications and Education Requirements and Desired Skillsets
Bachelor's degree in computer science or a related field, or equivalent experience. Experience may be used in lieu of degree.
Candidates must comply with the experience, training, and certification requirements for DoD 8570 Information Assurance Technical (IAT) Level III or Information Assurance Management (IAM) Level III Certification upon employment (e.g., CISSP, CISM).
Must have experience with Red Hat Enterprise Linux operating systems.
Working knowledge of DoD security policies and procedures.
Self-starter that thrives in a dynamic environment and works well within a team environment.
Effective oral and written communication skills for working within a team environment.
Candidate must possess an understanding of Enterprise Mission Assurance Support Service (eMASS), Security Technical Implementation Guides (STIGs), IAVAs, or DoD information assurance applications such as Assured Compliance Assessment Solution (ACAS) for vulnerability scans, network configuration assessments, and network discovery, and Security Content Automation Protocol (SCAP)/Evaluate-STIG Validation Tool for validating system compliance.
US Citizenship with the ability to obtain and maintain a Secret security clearance.
Preferred Requirements
Knowledge of ACAS, Nessus, Elastic, SCAP, POA&Ms, NIST, NISPOM, system audits, vulnerability scanning, and RMF package development.
Support stakeholders in the operation of the comprehensive Elastic platform in terms of know-how and the technologies used.
Linux certification (e.g., Linux+, LPIC, Red Hat Certified System Administrator (RHCSA), Red Hat Certified Engineer (RHCE)).
Previous experience with the Missile Defense Agency elements, components, or equivalent system-of-systems environments.
Physical Description
Employees in these roles will primarily work in a general office or cubicle setting, as well as laboratory or testing environments. They will use standard office equipment such as computers, telephones, printers, and video equipment, along with specialized electronic testing equipment. Regular interactions with various personnel in an office setting, participation in team meetings, and contributions to team success are essential. Employees are expected to deliver timely results, produce reports, and effectively communicate. Some roles may include telework flexibility.
In laboratory or testing settings, employees may work with advanced electronic testing tools, computer software, a