ClearanceJobs
Sr Cybersecurity Engineer - DoD Secret Clearance
ClearanceJobs, Colorado Springs, Colorado, United States, 80509
Sr. Cybersecurity Engineer
Sr. Cybersecurity Engineer supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. Position responsibilities: Will translate complex technical findings into actionable insights, work closely with security operations, engineering, and development teams to drive remediation efforts, and continuously enhance our security posture through proactive validation. Support the Cyber Infrastructure Support Team with Operations & Sustainment (O&S) activities associated with all ASV systems within the MDA environment. Administer, configure, and maintain the automated security validation platform (e.g., AttackIQ, Cymulate, Picus, SafeBreach, Mandiant Advantage, etc.). Troubleshoot and resolve any issues related to platform functionality, agents, or integrations. Execute automated validation campaigns across various environments (e.g., endpoints, networks, cloud, applications). Continuously research and incorporate new attack techniques and threat intelligence into validation efforts. Generate comprehensive reports, dashboards, and metrics on security control effectiveness and posture. Communicate findings, risks, and recommended remediations to technical and non-technical stakeholders. Integrate the security validation platform with existing security tools (SIEM, EDR, SOAR, CMDB, Vulnerability Management, Ticketing Systems) via APIs or other mechanisms. Proactively identify opportunities to enhance the effectiveness and efficiency of the security validation program. Maintain detailed documentation of platform configurations, test plans, and procedures. Minimum qualifications: Must have 5 or more years of experience in cybersecurity related roles to include: security operations, vulnerability management, penetration testing, or red teaming. Must have a strong understanding of network protocols, operating systems (Windows, Linux), cloud environments (AWS, Azure, GCP), and common enterprise architectures. Must be able to support after-hour maintenance window work, as needed. Must be able to maintain a restricted badge and work on site 4+ days per week. Must have a current IAT Level II Certification (Security+ CE). Must have an active DoD Secret Clearance. Preferred qualifications: Have relevant industry certifications such as OSCP, CySA+, PenTest+, CEH. Be proficient in at least one scripting language (e.g., Python, PowerShell) for automation and API integration. Have knowledge of common attack techniques, exploitation methods, and adversary tactics, techniques, and procedures (TTPs). Have experience with the MITRE ATTACK framework and its application in security testing and validation. Be familiar with various security controls (e.g., EDR, SIEM, Firewalls, IDS/IPS, DLP, WAF) and how to test their effectiveness. Be familiar with the MDA and BMDS programs. Compensation: Salary Range: $125,000 - $135,000 annually. Final compensation is based on experience, education, location, and applicable certifications.
Sr. Cybersecurity Engineer supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. Position responsibilities: Will translate complex technical findings into actionable insights, work closely with security operations, engineering, and development teams to drive remediation efforts, and continuously enhance our security posture through proactive validation. Support the Cyber Infrastructure Support Team with Operations & Sustainment (O&S) activities associated with all ASV systems within the MDA environment. Administer, configure, and maintain the automated security validation platform (e.g., AttackIQ, Cymulate, Picus, SafeBreach, Mandiant Advantage, etc.). Troubleshoot and resolve any issues related to platform functionality, agents, or integrations. Execute automated validation campaigns across various environments (e.g., endpoints, networks, cloud, applications). Continuously research and incorporate new attack techniques and threat intelligence into validation efforts. Generate comprehensive reports, dashboards, and metrics on security control effectiveness and posture. Communicate findings, risks, and recommended remediations to technical and non-technical stakeholders. Integrate the security validation platform with existing security tools (SIEM, EDR, SOAR, CMDB, Vulnerability Management, Ticketing Systems) via APIs or other mechanisms. Proactively identify opportunities to enhance the effectiveness and efficiency of the security validation program. Maintain detailed documentation of platform configurations, test plans, and procedures. Minimum qualifications: Must have 5 or more years of experience in cybersecurity related roles to include: security operations, vulnerability management, penetration testing, or red teaming. Must have a strong understanding of network protocols, operating systems (Windows, Linux), cloud environments (AWS, Azure, GCP), and common enterprise architectures. Must be able to support after-hour maintenance window work, as needed. Must be able to maintain a restricted badge and work on site 4+ days per week. Must have a current IAT Level II Certification (Security+ CE). Must have an active DoD Secret Clearance. Preferred qualifications: Have relevant industry certifications such as OSCP, CySA+, PenTest+, CEH. Be proficient in at least one scripting language (e.g., Python, PowerShell) for automation and API integration. Have knowledge of common attack techniques, exploitation methods, and adversary tactics, techniques, and procedures (TTPs). Have experience with the MITRE ATTACK framework and its application in security testing and validation. Be familiar with various security controls (e.g., EDR, SIEM, Firewalls, IDS/IPS, DLP, WAF) and how to test their effectiveness. Be familiar with the MDA and BMDS programs. Compensation: Salary Range: $125,000 - $135,000 annually. Final compensation is based on experience, education, location, and applicable certifications.