CompQsoft
Job Type: Full-time

Description: We are seeking an experienced and dedicated Cyber Security Engineer to join our team in support of critical Department of Defense (DoD) and U.S. Navy missions. This role involves the comprehensive planning, design, deployment, and operation of secure network and system architectures, with a primary focus on ensuring compliance with federal security mandates. The ideal candidate will be a technical expert in security implementation, vulnerability management, and the Risk Management Framework (RMF) process.

Key Responsibilities
DoD Compliance (RMF): Lead and execute activities related to the Risk Management Framework (RMF), including the development of Security Plans, System Security Categorization, and Control Implementation.
Vulnerability Management: Conduct regular vulnerability scans, analyze results, and drive the remediation and patching process to mitigate risks across diverse operating systems and applications.
Security Auditing: Perform in-depth security analysis and configuration hardening based on DoD Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) for Windows, Linux, network devices, and databases.
Incident Response: Participate in the development and testing of Incident Response Plans (IRPs), acting as a key technical resource during security incidents and forensic investigations.
Architecture Review: Review and approve network and system designs to ensure security is "baked in" from the initial planning stages, utilizing a defense-in-depth strategy.
Documentation & Reporting: Maintain accurate and detailed security documentation, including Plan of Action and Milestones (POA&M), Continuous Monitoring plans, and weekly status reports for government stakeholders.
Cross-Functional Collaboration: Work closely with Network, Systems, and Application teams to troubleshoot complex security issues and implement integrated security solutions.

Requirements

Required Qualifications

Education: Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. (A combination of certification and experience may be substituted.)
Experience: Minimum of 5 years of hands-on experience in information security engineering, with at least 3 years directly supporting DoD, Navy, or other federal environments.
Clearance: Must possess an Active DoD Secret security clearance.
Certification: Must meet IAT Level III requirements (CASP+, CISSP, CISA, or similar).
Technical Expertise: Proven expertise in securing and configuring enterprise operating systems (Windows Server, Red Hat/RHEL Linux). Deep practical knowledge of TCP/IP networking, security protocols, and secure network segmentation. Hands-on experience with Security Information and Event Management (SIEM) tools for log analysis and correlation. Demonstrated experience implementing and validating DISA STIGs in an operational environment. Operational knowledge of eMASS in relation to DoD RMF.
Regulatory Knowledge: Strong working knowledge of the DoD Risk Management Framework (RMF) process and artifacts.

Preferred Qualifications

Navy/Coast Guard Experience: Direct experience supporting Navy systems, platforms, or combat systems.
Cloud Security: Familiarity with securing environments and services in a cloud platform (e.g., Azure Government, AWS GovCloud).
Scripting: Proficiency in one or more scripting languages (e.g., Python, PowerShell) for security automation tasks.
Container Security: Experience securing containerized environments (e.g., Docker, Kubernetes).
Advanced Security Certifications: Holding advanced certifications such as CCSP, GSEC, or relevant vendor-specific security certifications.

Salary Description Range: $130K to $150K