Today
Secret
IT - Support
Lexington, MA (On-Site/Office)
The Operations Engineer will be responsible for ensuring that classified IT systems comply with relevant security, regulatory, and operational requirements. Reporting to the CES Operations Team Lead, this role will support the development, implementation, and monitoring of compliance frameworks to safeguard critical systems. The Operations Engineer will collaborate with cross-functional teams, including CES Engineering, cybersecurity, and Information Assurance, to maintain compliance with Department of Defense (DoD) and other federal regulations.
As part of this role, the individual will need to demonstrate proficiency with DISA STIGs (full and benchmark), DISA’s SCC Tool, EvalSTIG, and STIG Viewer, and know how to evaluate systems for STIG compliance.
Candidates with a background in evaluating and maintaining DoD compliant systems, especially those familiar with DISA’s Command Operational Readiness Assessment (CORA), will be given preference.
This position is 100% dedicated to supporting a classified environment and is therefore 100% onsite.
Responsibilities include but are not limited to:
Ensure compliance with applicable regulations, policies, and security frameworks, including relevant STIGs, NIST 800-171, NIST 800-53, RMF, and DFARS 252.204-7012.
Conduct regular compliance assessments, audits, and risk analyses of classified IT systems to identify and mitigate potential security gaps.
Provide input for developing and maintaining security documentation, including System Security Plans (SSP), Plan of Action & Milestones (POA&M), and risk assessments.
Collaborate with cybersecurity teams to ensure that security controls are implemented, tested, and maintained per compliance requirements.
Assist in the implementation and sustainment of Security Technical Implementation Guides (STIGs) and Continuous Monitoring (ConMon) programs.
Provide subject matter expertise on technical configurations to support classified system security controls, ensuring alignment with compliance objectives.
Stay up to date with evolving security and compliance regulations to ensure continuous improvement of policies and procedures.
Provide 1st tier technical support as needed in support of the Laboratory community. This would include taking shifts in the classified hubs to provide assistance with password resets and other end user issues as well as working tickets and assisting users as needed.
Candidates with experience with Ansible or other automation tools will be given preference.
Must Have:
Bachelor's degree in Cybersecurity, Information Systems, or a related technical field (or equivalent experience).
3+ years of experience (preferably 5+ years) in IT compliance, security, or risk management within classified or highly regulated environments.
5+ years of experience (preferably 7+ years) with the following technologies:
Windows 10/11
Windows Server
Active Directory
3+ years of experience (preferably 5+) with ONE of the following technologies:
VMware infrastructure (vCenter, ESXi, vSAN, Horizon, etc.)
Network or SAN storage platforms (NetApp, EMC, Pure, etc.)
Red Hat Linux
Networking (configuring switches, routers, firewalls)
Strong understanding of DoD cybersecurity frameworks, including NIST 800-171, NIST 800-53, and RMF.
Experience working with security assessment tools, audit methodologies, and compliance reporting.
Familiarity with Security Technical Implementation Guides (STIGs) and other DoD security hardening standards.
Strong analytical and problem-solving skills with attention to detail.
Excellent communication and documentation skills to effectively collaborate with technical and non-technical stakeholders.
Excellent customer service skills
Excellent verbal and written communication skills
Ability to work independently toward delivery of goals as well as collaborate in team efforts
Security+ certification or the ability to obtain within 6 months of employment
group id: 10107749