security
Posted YesterdayCybersecurity Engineer
United StatesRemote
Responsibilities
- responsibilities are not exhaustive and additional
Requirements
- experience in cybersecurity engineering, with a focus on achieving accreditation for software systems within the DoD environment.
- In-depth knowledge of NIST-800 series standards, particularly NIST-800-53, and
- experience applying these standards to achieve accreditation.
- Strong understanding of cybersecurity principles, technologies, and best practices, including encryption, authentication, access control, and secure coding practices. ● Hands-on
- experience with security assessment tools and techniques, such as vulnerability scanning and security analysis.
- Familiarity with software development methodologies and practices, particularly Agile and DevSecOps.
- Excellent analytical and problem-solving skills, with the ability to assess complex systems and identify security risks.
- Effective communication and interpersonal skills, with the ability to collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders.
- Experience with Open Security Controls Assessment Language (OSCAL)
- Ability to use OSCAL to manage control implementation and statements as “compliance as code”
- Familiarity with Department of the Air Force (DAF) security approval processes to include AFI 17-101
- Familiarity with DAF Gov Cloud offerings and inherited controls in Gov Cloud environments
- Familiarity with the Cloud Computing Security
- Experience working in a remote team or asynchronous work environment where focus, discipline, and comfort navigating/leveraging various communication forms and frequencies to disseminate and prioritize information and keep stakeholders informed
- experience delivering technology programs across the federal market. What We Do
- We proudly support defense and civil agencies across the U.S. government and we work closely with the creators of leading-edge software solutions to deliver value to the mission-owner by improving the security and consumability of commercial software products. What We Work On Kubernetes
- Cloud Environments (AWS/GCP and Azure)
- Infrastructure-as-code (like Terraform/Pulumi)