Logo
Rampant Technologies

Rampant Technologies is hiring: Cyber Security Engineer in Fairfax

Rampant Technologies, Fairfax, Iowa, United States

Save Job

Overview

A Rampant Technologies Cybersecurity Engineer (CSE) is a key resource on the Rampant team reporting to the Principal Engineer overseeing the CSE team to deliver innovative Cyber Security solutions aligned with the company’s goals. The CSE is a subject-matter expert on problem identification, diagnosis, and resolution, and develops best practices for processes and standards to improve the system.

Responsibilities

  • Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and apply configuration updates to comply with security requirements.
  • Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones.
  • Hardening of operations systems, COTS and open-source products.
  • Validate best practices in penetration testing, configuration analysis, and security assessments.
  • Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing; generate and maintain security accreditation artifacts associated with the RMF process, including Security Requirements Traceability Matrix, and perform timely updates in the accreditation database.
  • Provide technical guidance focused on information security architecture.

Key Skills, Education & Experience

  • Minimum eight (3) years’ relevant experience as a Cybersecurity Engineer in programs and contracts of similar scope, type, and complexity; ideally three (3+) years of direct experience in the same role.
  • Techno-functional knowledge of/experience with:
  • Execution of the A&A process in accordance with government requirements (e.g., ICD-503).
  • Information systems security and continuous monitoring practices and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.
  • DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and related assessment criteria.
  • Integrity, availability, authentication, and non-repudiation concepts; IT security principles and methods (firewalls, DMZs, encryption).
  • Network access and identity management (e.g., PKI); security system design tools and techniques.
  • Knowledge of DoD/IC system security control requirements and relevant laws, policies, and governance related to critical infrastructure.
  • Management best practices for Windows and Linux OS, known vulnerabilities, and continuous monitoring per NIST SP 800-137 with automation where applicable.
  • Virtualization technologies (e.g., VMware, Docker); OSI model understanding and network protocol knowledge.
  • Ability to apply DoD/IC security controls, XACTA and SNOW tools, and security testing tools (including ACAS).
  • Proficiency with Microsoft Office Suite (e.g., Project, Visio).

Certifications and Clearance

  • Active TS/SCI w/ Poly clearance required; certification compliant with DoD 8570 IAM or IAT level 3, or obtain certification within 6 months of hire and maintain it during employment.
  • IAT Level II Certifications (Security+ or equivalent).
#J-18808-Ljbffr