Cybersecurity Engineer

Sev1Tech is seeking an Information Systems Security Engineer to support the Program Executive Office (PEO) Manpower, Logistics, and Business Solutions (MLB) which manages the Logistics (LOG) Information Technology (IT) portfolio. This portfolio is composed of 300+ afloat and ashore IT systems/applications with 150,000+ users across all Naval Systems Commands (SYSCOMs) and Naval Operational Forces (NOF) to include ships, carriers, submarines, USN/USMC aviation squadrons, and Naval Expeditionary Forces. The United States Coast Guard (USCG) is a joint user of LOG IT capabilities and is part of the program requirements. LOG IT enables essential business operations for various capability groups.

This role will provide cybersecurity support for US Navy systems on Risk Management Framework (RMF) Authorization packages as well as conducting monitoring services. 

The Cybersecurity Engineer primary responsibilities include:

• Plans, develops, and implements proven high-tech solutions in alignment with Zero Trust requirements to increase security and defend against hacking, malware and ransomware, insider threats, and other types of cybercrimes. Keeps abreast of industry security trends and developments, as well as applicable government regulations.
• Oversees monitoring of computer networks, identifies security issues, and anticipates security breaches. Executes the installation and maintenance of security programs, plans, and software, including firewalls and data encryption programs.
• Assures protection of the organization's data and infrastructure by enabling the appropriate security controls. Investigates, analyzes and documents security breaches and cyber security incidents to determine the source of the issues, and assesses the damaged caused.
• Performs assessments and penetration tests to identify network and system vulnerabilities, troubleshoots security and network problems, determines the best way to avoid them, and responds to system or network security breaches.
• Provide automated and manual validations of Information Assurance Controls (IACs) and Validation Procedures (VPs) in accordance with the DoD Guidelines, CNSSI 1253 and/or NIST 800-Publications.
• Coordinate with system owners and development teams concerning RMF process and solutions.
• Produce documentation about IA Controls for application development teams, support and provide guidance on IA Control mitigation.
• Produce security briefs and reports for delivery to stakeholders and senior management.
• Review cloud, commercial, and government system cybersecurity implementation, document/assess results, and provide a recommendation concerning risk and authority to operate. 

• US Citizenship Required.
• Holds interim secret clearance OR Active DoD Secret Clearance.
• 4 years of relevant cyber security experience.
• Geographically located to have access to Government facilities to support high side requirements (Washington DC, Norfolk VA, Charleston SC, New Orleans LA, San Diego CA).
• Valid Security+, CISSP, or equivalent certification (Minimum: DoD 8570.1-M IAT Level II); ability to attain certification(s) within 1 month from start date is required.
• Bachelor’s degree in Computer Science, Computer Information Systems, Cyber Security, Engineering, Information Assurance, Information Management, Information Systems, Information Security, or Information Technology.
• Experience providing cybersecurity support for the Department of the Navy. 
• Minimum four (4) years of experience in providing cybersecurity support in the areas of security compliance, system monitoring, enabling security controls, performing assessments and penetration testing, risk assessments and audits, creating security documentation, investigating, analyzing, and documenting security breaches and cyber security incidents, and keeping abreast of industry security trends and developments, as well as applicable government regulations.
• Experience using and configuring cyber tools supporting areas of Vulnerability Assessment, SIEM/SOAR, Network Defense, Incident Response, Threat Intelligence.
• Understanding of securing containerized applications/systems.
• Understanding of Zero Trust Architectures and requirements (NIST 800-207), specifically any relevant experience modernizing programs or organizations towards compliance.
• Experience performing in an Information Assurance or Cyber Security capacity working with DevSecOps engineers within cloud environments (AWS, Azure, PCF or similar).  
• Must have experience with DoD-specific (Department of Defense) Information Assurance protocols, policies, & procedures.
• Experience presenting to clients or management to present technical and non-technical information to allow key personnel to make informed decisions.

• Experience using eMASS, STIGViewer, eMASSTer and other DoD approved tools (ACAS, SCAP-compliant scanners, etc.).
• Possess experience leading RMF (Risk Management Framework) and NIST compliance to ATO (Authority to Operate) processes on both IA systems in Development and Production.
• Experience with USMC Risk Management Framework (RMF) – Marine Corps Certification and Accreditation Support Tool (MCCAST) and USN Risk Management Framework (RMF) – Enterprise Mission Assurance Support System (eMASS).
• Understanding of RAISE 2.0 cybersecurity processes. 
• Understanding of Federal Information System Controls Audit Manual (FISCAM) methodology, control activities, techniques, and execution in support of audit readiness.
• High-level knowledge of DevSecOps and cloud (AWS or similar) within a DoD environment.
• Experience with Continuous-ATO.
• Understanding of cyber defensive architecture and technologies required to protect, detect, and respond to cyber threats.

Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies.  Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression.  Please apply directly through the website at: https://careers-sev1tech.icims.com/   #joinSev1tech

For any additional questions or to submit any referrals, please contact: marcus.taylor@sev1tech.com

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.