Today
Top Secret
Unspecified
Unspecified
IT - Security
Saint Charles, MO (On-Site/Office)
Our client is currently seeking a Product Security Engineer/with TS clearance
Job Code: - Product Security Engineer-2
Work Location: St Charles, MO
ACTIVE TOP SECRET CLEARANCE REQUIRED TO START
Primary Responsibilities:
- This individual will serve as a knowledgeable product security engineer on the program for assessing, updating, and maintaining the security posture of the programs.
- This team will be supporting the program's systems by interacting continuously with the cyber team compliance team to remediate any vulnerabilities found during automated or manual cyber scans.
- A detailed oriented individual with strong experience in generating IATT/ATO artifacts/packages and obtaining subsequent approvals is a must for this position.
- Assess organization-wide security and privacy risk and update assessment results on an ongoing basis
- Perform system analysis and develop system test for cyber threats, cyber test activities, and the cybersecurity of large-scale events
- Support and facilitate various ATO/IATT packages including processing IAVMs and CTOs for the same
- Perform cyber risk assessments and develop risk mitigation plans (i.e., POA&Ms, SCRM, etc.) using a variety of tools
- Perform software assurance tasks, including but not limited to software assurance risk reports
- Ensure product security engineering development lifecycle is followed, with an emphasis on clear requirements development/verification
- Perform criticality analysis to include the ability to work with suppliers, identify critical components, and integrating them into the overall system
- Support proposal development efforts, including but not limited to: BOE generation, GR&A development, trade study analysis
- Support the engineering installation & analysis of patches and various system updates and upgrades to determine system consequence of these changes
- Attend, collect data from, out brief, and facilitate collaboration and project management from various program boards
- Applying Security Technical Implementation Guides (STIGs)
- Managing and addressing any Cyber Tasking Orders (CTOs) related to the Cyber Tools
- Documentation and verification of all installation and configuration steps for the labs and operations deliveries
- Providing feedback to Cyber Leadership and engineers to improve the cybersecurity tools and processes
- Collaborating with local Information System Security Officers (ISSOs) to ensure compliance with relevant cybersecurity standards and regulations
- Support cyber threat intelligence activities
- Support the development and maintenance of cyber scanning, patching, remediation, tools and applications
- Support, as required, TEMPEST, DFARS, COMSEC, CNSSI, and other compliance drivers as needed
- Perform and/or support the development of tools for cyber forensics
- Develop, define efficiencies and improvements to tools to improve team productivity
- Perform system analysis trade studies to define technical concepts and solutions
Basic Qualifications (Required Skills/Experience):
- Bachelor or Master of Science degree from an accredited course of study, in engineering, computer science, mathematics, physics or chemistry.
- Active Top Secret clearance
- Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g., Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA)
- Experience using analytical, collaboration, communication and organizational skills
- 2 years+ experience in product security / cybersecurity engineering
- 2 years+ experience with industry standard cybersecurity frameworks (NIST, OWASP, DFARS)
Preferred Qualifications (Desired Skills/Experience):
- 2 years+ experience in Windows/RHEL System admin experience, installing, tuning & troubleshooting Cyber Tools to include ESS/HBSS, ConfigOS, Splunk, etc.
- 2 years+ experience in configuring, running, and scripting audit tools
- 2 years+ experience using knowledge of Software Assurance (SwA) static and/or dynamic code analysis (e.g. Fortify)
- Experience with Federal Information Security Management Act (FISMA)/RMF and National institute of Standards and Technology (NIST) 800-53 requirements
- Experience leading system and component level cyber test and evaluation, including threat and security assessments, and tabletop exercises
- Experienced self-starter with strong written and oral communication skills, and a focus on translating technically complex issues into simple, easy to understand concept
- Growing understanding of DoD defense systems architectures and communications system concepts, mission, and common system test and data analysis techniques
Education / Experience: Bachelor or Master of Science degree from an accredited course of study, in engineering, computer science, mathematics, physics or chemistry.
Job Code: - Product Security Engineer-2
Work Location: St Charles, MO
ACTIVE TOP SECRET CLEARANCE REQUIRED TO START
Primary Responsibilities:
- This individual will serve as a knowledgeable product security engineer on the program for assessing, updating, and maintaining the security posture of the programs.
- This team will be supporting the program's systems by interacting continuously with the cyber team compliance team to remediate any vulnerabilities found during automated or manual cyber scans.
- A detailed oriented individual with strong experience in generating IATT/ATO artifacts/packages and obtaining subsequent approvals is a must for this position.
- Assess organization-wide security and privacy risk and update assessment results on an ongoing basis
- Perform system analysis and develop system test for cyber threats, cyber test activities, and the cybersecurity of large-scale events
- Support and facilitate various ATO/IATT packages including processing IAVMs and CTOs for the same
- Perform cyber risk assessments and develop risk mitigation plans (i.e., POA&Ms, SCRM, etc.) using a variety of tools
- Perform software assurance tasks, including but not limited to software assurance risk reports
- Ensure product security engineering development lifecycle is followed, with an emphasis on clear requirements development/verification
- Perform criticality analysis to include the ability to work with suppliers, identify critical components, and integrating them into the overall system
- Support proposal development efforts, including but not limited to: BOE generation, GR&A development, trade study analysis
- Support the engineering installation & analysis of patches and various system updates and upgrades to determine system consequence of these changes
- Attend, collect data from, out brief, and facilitate collaboration and project management from various program boards
- Applying Security Technical Implementation Guides (STIGs)
- Managing and addressing any Cyber Tasking Orders (CTOs) related to the Cyber Tools
- Documentation and verification of all installation and configuration steps for the labs and operations deliveries
- Providing feedback to Cyber Leadership and engineers to improve the cybersecurity tools and processes
- Collaborating with local Information System Security Officers (ISSOs) to ensure compliance with relevant cybersecurity standards and regulations
- Support cyber threat intelligence activities
- Support the development and maintenance of cyber scanning, patching, remediation, tools and applications
- Support, as required, TEMPEST, DFARS, COMSEC, CNSSI, and other compliance drivers as needed
- Perform and/or support the development of tools for cyber forensics
- Develop, define efficiencies and improvements to tools to improve team productivity
- Perform system analysis trade studies to define technical concepts and solutions
Basic Qualifications (Required Skills/Experience):
- Bachelor or Master of Science degree from an accredited course of study, in engineering, computer science, mathematics, physics or chemistry.
- Active Top Secret clearance
- Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g., Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA)
- Experience using analytical, collaboration, communication and organizational skills
- 2 years+ experience in product security / cybersecurity engineering
- 2 years+ experience with industry standard cybersecurity frameworks (NIST, OWASP, DFARS)
Preferred Qualifications (Desired Skills/Experience):
- 2 years+ experience in Windows/RHEL System admin experience, installing, tuning & troubleshooting Cyber Tools to include ESS/HBSS, ConfigOS, Splunk, etc.
- 2 years+ experience in configuring, running, and scripting audit tools
- 2 years+ experience using knowledge of Software Assurance (SwA) static and/or dynamic code analysis (e.g. Fortify)
- Experience with Federal Information Security Management Act (FISMA)/RMF and National institute of Standards and Technology (NIST) 800-53 requirements
- Experience leading system and component level cyber test and evaluation, including threat and security assessments, and tabletop exercises
- Experienced self-starter with strong written and oral communication skills, and a focus on translating technically complex issues into simple, easy to understand concept
- Growing understanding of DoD defense systems architectures and communications system concepts, mission, and common system test and data analysis techniques
Education / Experience: Bachelor or Master of Science degree from an accredited course of study, in engineering, computer science, mathematics, physics or chemistry.
group id: cxjudgpa
