Sunayu, LLC
Cyber Security Engineer - Top Secret/SCI with Security Clearance
Sunayu, LLC, Bethesda, Maryland, us, 20811
Overview
Location: Bethesda, MD Category: Cyber Security Architecture and Engineering Travel Required: No Remote Type: Hybrid Clearance: Top Secret/SCI Responsibilities
Support the secure architecture, design, and implementation of DoD systems in accordance with DoDI 8510.01, NIST SP 800-53, and other DoD security guidance. Lead the integration of RMF activities into the system development lifecycle (SDLC), including selecting, implementing, and validating security controls. Develop and maintain key security documentation such as System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and Plan of Action and Milestones (POA&Ms). Collaborate with ISSOs, ISSMs, developers, and system owners to ensure systems are developed and maintained with approved security configurations. Apply Security Technical Implementation Guides (STIGs) to systems and validate compliance using tools such as SCAP, STIG Viewer, and ACAS. Maintain application, network, and database scanning infrastructure (updates, benchmark/audit files, builds, rule packs, scanner or agent deployment, etc.). Analyze vulnerability scans and ensure timely mitigation or acceptance of risks based on DoD policies. Provide technical input to support and maintain system authorization. Participate in system reviews, architecture assessments, and engineering design reviews to embed cybersecurity from the outset. Develop and implement automation or security tools to improve the compliance and monitoring of systems. Support security incident response and forensics analysis in coordination with ISSMs and Security points of contact. Requirements
BS degree and 8+ years of experience in cybersecurity. Additional relevant years of experience in lieu of degree is accepted. An active TS/SCI clearance with ability to obtain a Polygraph. At least one of the following DoD 8570.01–M IASAE Level II certifications: CISSP, CISSP–ISSAP, CISSP–ISSEP, CSSLP, or CASP+ CE. Note: the CISSP Associate is not acceptable. Developer experience in at least one scripting/programming language is preferred. Experience with reviewing cybersecurity vulnerabilities for risk and remediation planning for identified systems, networks, applications, and databases. Ability to architect, design, troubleshoot, maintain, and deploy vulnerability scanning solutions (e.g., OWASP, Fortify, SonarQube, Tenable). Experience with XACTA, EMass, or similar tools. Strong understanding of Microsoft Windows and Linux/UNIX operating systems. Experience with middleware/web technologies (Apache, Tomcat, IIS, etc.). Experience with databases (Postgres, MS SQL, MySQL, ElasticSearch, etc.). Understanding of TCP/IP networking. Experience with Continuous Integration/Continuous Delivery platforms (Jenkins, Bamboo, GitLab CI, TFS, etc.). Familiar with NIST 800-171, 800-172, NIST SSDF, and CMMC requirements. Experience with NIST Special Publications (e.g., SP 800-27, 800-30, 800-37, 800-53, 800-60, 800-171), NIST SSDF, CMMC, and CNSS publications (CNSSI 1253). Experience supporting DoD/IC systems through the RMF process and establishing a System Security Engineering management process to integrate security and privacy controls. Experience developing and reviewing security concepts of operations, system security plans, security risk assessments, contingency plans, and configuration management plans. Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans. Strong communication skills; able to communicate effectively with management, technical personnel, and third parties. You will be even more effective with: software development/coding experience (Python, Java, React); achieving ATO under RMF+; experience with big data applications; ticketing/documentation tools (GitLab, Jira, Confluence); Agile environment experience; knowledge of OIDC/OAuth2; and experience with technologies such as Kubernetes, Rancher, Strimzi, Cloudera, Active Directory, and scripting languages (bash, Python, PowerShell).
#J-18808-Ljbffr
Location: Bethesda, MD Category: Cyber Security Architecture and Engineering Travel Required: No Remote Type: Hybrid Clearance: Top Secret/SCI Responsibilities
Support the secure architecture, design, and implementation of DoD systems in accordance with DoDI 8510.01, NIST SP 800-53, and other DoD security guidance. Lead the integration of RMF activities into the system development lifecycle (SDLC), including selecting, implementing, and validating security controls. Develop and maintain key security documentation such as System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and Plan of Action and Milestones (POA&Ms). Collaborate with ISSOs, ISSMs, developers, and system owners to ensure systems are developed and maintained with approved security configurations. Apply Security Technical Implementation Guides (STIGs) to systems and validate compliance using tools such as SCAP, STIG Viewer, and ACAS. Maintain application, network, and database scanning infrastructure (updates, benchmark/audit files, builds, rule packs, scanner or agent deployment, etc.). Analyze vulnerability scans and ensure timely mitigation or acceptance of risks based on DoD policies. Provide technical input to support and maintain system authorization. Participate in system reviews, architecture assessments, and engineering design reviews to embed cybersecurity from the outset. Develop and implement automation or security tools to improve the compliance and monitoring of systems. Support security incident response and forensics analysis in coordination with ISSMs and Security points of contact. Requirements
BS degree and 8+ years of experience in cybersecurity. Additional relevant years of experience in lieu of degree is accepted. An active TS/SCI clearance with ability to obtain a Polygraph. At least one of the following DoD 8570.01–M IASAE Level II certifications: CISSP, CISSP–ISSAP, CISSP–ISSEP, CSSLP, or CASP+ CE. Note: the CISSP Associate is not acceptable. Developer experience in at least one scripting/programming language is preferred. Experience with reviewing cybersecurity vulnerabilities for risk and remediation planning for identified systems, networks, applications, and databases. Ability to architect, design, troubleshoot, maintain, and deploy vulnerability scanning solutions (e.g., OWASP, Fortify, SonarQube, Tenable). Experience with XACTA, EMass, or similar tools. Strong understanding of Microsoft Windows and Linux/UNIX operating systems. Experience with middleware/web technologies (Apache, Tomcat, IIS, etc.). Experience with databases (Postgres, MS SQL, MySQL, ElasticSearch, etc.). Understanding of TCP/IP networking. Experience with Continuous Integration/Continuous Delivery platforms (Jenkins, Bamboo, GitLab CI, TFS, etc.). Familiar with NIST 800-171, 800-172, NIST SSDF, and CMMC requirements. Experience with NIST Special Publications (e.g., SP 800-27, 800-30, 800-37, 800-53, 800-60, 800-171), NIST SSDF, CMMC, and CNSS publications (CNSSI 1253). Experience supporting DoD/IC systems through the RMF process and establishing a System Security Engineering management process to integrate security and privacy controls. Experience developing and reviewing security concepts of operations, system security plans, security risk assessments, contingency plans, and configuration management plans. Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans. Strong communication skills; able to communicate effectively with management, technical personnel, and third parties. You will be even more effective with: software development/coding experience (Python, Java, React); achieving ATO under RMF+; experience with big data applications; ticketing/documentation tools (GitLab, Jira, Confluence); Agile environment experience; knowledge of OIDC/OAuth2; and experience with technologies such as Kubernetes, Rancher, Strimzi, Cloudera, Active Directory, and scripting languages (bash, Python, PowerShell).
#J-18808-Ljbffr