Senior Cyber Security Engineer NEW

Mount Indie - Arlington, VA

posted 8 days ago

Full-time - Senior
Arlington, VA
Administrative and Support Services

About the position

The Senior Cyber Security Engineer at Mount Indie, LLC is responsible for leading comprehensive security assessments for DoD Special Access Program (SAP) information systems. This role focuses on evaluating the effectiveness of security controls, ensuring compliance with Risk Management Framework (RMF) standards, and enhancing the security posture of sensitive environments. The position requires strong analytical skills, technical expertise, and a collaborative approach to security engineering.

Responsibilities

  • Conduct thorough assessments of security controls across SAP information systems, ensuring compliance with RMF and security standards.
  • Maintain up-to-date Authorization & Assessment (A&A) documentation, monitoring system compliance with IT security, resilience, and dependability requirements.
  • Work closely with stakeholders to ensure security initiatives align with SAP IT operational needs and objectives.
  • Develop specifications that ensure all risk, compliance, and assurance efforts meet confidentiality, integrity, and availability requirements.
  • Conduct risk analysis, identifying potential vulnerabilities, threats, and likelihood of occurrence for major system changes.
  • Draft statements of preliminary or residual security risks and integrate findings into a broader risk mitigation strategy.
  • Monitor security postures for applications, networks, and systems, documenting deviations and recommending corrective actions.
  • Support SAP teams in staying current on vulnerabilities and implementing necessary remediation efforts.
  • Plan and conduct security authorization reviews, develop assurance cases, and oversee initial installations of critical systems and networks.
  • Perform security reviews, identifying gaps in security architecture and suggesting improvements to meet operational and security requirements.
  • Apply knowledge of industry security assessment tools and procedures, including SCAP, ACAS, Vulnerator, and HBSS.
  • Stay informed of best practices for cloud security, contributing to the selection and implementation of best-in-class threat prevention tools.
  • Collaborate with technical leads, developers, and system owners to ensure security requirements align with SAP guidance.
  • Provide technical oversight on special security projects as needed and travel 20-30% to local and CONUS sites.

Requirements

  • Active TS/SCI clearance.
  • Bachelor's degree in a relevant field; 4 years of relevant experience may substitute.
  • 10+ years implementing RMF and security control assessments.
  • 7+ years of DoD security experience, with proficiency in DISA STIGs, SCAP, ACAS, Vulnerator, HBSS, and eMASS.
  • Advanced analytical skills for evaluating risks, conducting audits, and making critical security decisions.
  • DoD 8140 Level 2 or higher certification (e.g., CISSP, CCNA, CySA+, GISCP, Sec+CE, CND, SSCP).

Nice-to-haves

  • Cloud certification (e.g., AWS, Azure) is highly preferred.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service