Journeyman Cybersecurity Engineer
Astrion · Bedford, MA · 3 wk ago
Engineering$160k/yrFull-time
Responsibilities
- Aid in the creation of security documentation such as System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, and other necessary system security engineering documents.
- Support the Authorization and Accreditation (A&A) process for systems, ensuring adherence to DoD and Air Force cybersecurity policies.
- Manage system user accounts, ports/protocols, PKI requirements, and access control lists.
- Implement and track system security updates, configurations, and vulnerability remediation in line with DoD requirements.
- Conduct risk and vulnerability assessments; propose security policies, contingency plans, and disaster recovery procedures.
- Participate in system/network design to align with security policies.
- Lead the analysis and integration of cybersecurity requirements into system design and operations.
- Review and evaluate the implementation of RMF security controls across system architecture, documentation, and design artifacts.
- Collaborate with stakeholders to secure A&A approval from all Authorizing Officials.
- Maintain and audit databases containing classified information, visits, and clearances.
- Support the handling, accountability, and compliance with security classification guidelines for classified materials.
- Develop and deliver security awareness training and education programs.
- Prepare and review acquisition security documentation to ensure compliance with Contract Data Rights Lists (CDRLs).
- Plan and execute security-related surveys, assessments, and evaluations throughout the program lifecycle.
Qualifications
- Education: Bachelor’s degree in a professional engineering discipline from an ABET-accredited institution, with at least 5-10 years of relevant experience, including 5 years in the DoD.
- Certifications: Security+ certification, understanding of cybersecurity in DoD cloud infrastructure, knowledge of Agile methodologies including CI/CD, DevSecOps, and DevOps.
- Technical Skills: Familiarity with STIG compliance, RMF implementation and documentation, DoD cybersecurity policies and compliance, system authorization and accreditation (A&A) processes, DoD cloud infrastructure security, Agile development methods, security risk, vulnerability, and contingency planning, PKI management, and access control.
- Interpersonal Skills: Strong verbal and written communication abilities for both technical and non-technical audiences, effective problem-solving and analytical thinking, adaptability to evolving program requirements and security challenges, and strong collaboration skills with government, contractor, and industry stakeholders.