DE Jobs

Search from over 2 Million Available Jobs, No Extra Steps, No Extra Forms, Just DirectEmployers

Job Information

SGSS Pr. Cybersecurity and Compliance Engineer (1108945) in Washington, District Of Columbia

Space Ground System Solutions, a Parsons company, has an immediate full-time opening for aPrincipal Cybersecurity and Compliance Engineer to support the Naval Research Laboratory (NRL) in Washington, DC. We are seeking aPrincipal Cybersecurity and Compliance Engineer who can structure, design, execute, and manage security solutions for a growing portfolio of software- and IT-centric projects to deliver ground-to-space transmit/receive services for the Naval Research Lab (NRL) and NRL's sponsors. A successful candidate will bring experience engineering efficient security solutions that enable rapid iterative system development in a classified security context.

RESPONSIBILITIES

  • Design, deliver, and operate a security structure, in close partnership with the US Naval Research Lab and sponsor program security managementto deliver antenna services to the broader community
  • Support and liaise with government program management, security controls assessors, and authorizing officials (AOs) to ensure the integrity, security, and reliability of our services
  • Developing and accrediting a secure design for iterative delivery of services in AWS GovCloud
  • Work with and lead a multidisciplinary team including IT engineers, security personnel, and software developers through clear communication and direction to deliver a complete, secure, compliant systems solution.
  • Utilize security experience of various security disciplines (i.e., physical, safeguarding, and classification management) to determine, apply, monitor and ensure appropriate security requirements applicable to the work programs.
  • Implement, document, and verify security controls in commercial or private cloud-hosted information systems and orchestrate transition to government ownership and operation.
  • Work with software, network, IT, facilities, and program security officials to design, assess, and mature the security posture of a multi-level (unclass through TS) DevSecOps pipeline.
  • Design and coordinate the integration of defensive cyber operations sensors and sources into enterprise monitoring constructs.
  • Enable a cross-organization, geographically distributed system development team to effectively deliver new software and IT services.
  • Implement the management and training for software developers, system administrators, and other IT personnel, spearheading the integration of security concerns into a holistic engineering culture.
  • Develop incident management plans, and conduct clear and concise assessments, corrective action plans, policies, procedures, and reports. This includes investigations of security incidents to determine the potential for compromise of program information, conducting government required self-inspections to ensure compliance with sponsor regulations and reduce security risks within NRL-managed and peer systems.

REQUIRED QUALIFICATIONS

  • Must be a US citizen
  • Active DoDSecretclearancerequired; with the ability to obtain a TS/SCI clearance and other accesses within one year of hire
  • BS in relevant field (Computer Science, Software Engineer, Information Technology) and 15 years of related experience
  • 10+ years of contractor or government program security experience supporting classified programs
  • Familiarity with security manuals, directives, and Executive Orders including NISPOM, DCIDs, ICDs, Sponsor Instruction, DODM 5205.07
  • Demonstrated history of teamwork and service skills
  • Demonstrated ability to communicate clearly, verbally and in writing, to supported staff, management, and government customers
  • Experience developing formal authorization and accreditation packages and associated bodies of evidence as a part of an IT team
  • Deep familiarity with NIST 800-53/RMF and/or NIST 800-171 and CMMC compliance frameworks, including process and technical implementation
  • Exposure to 800-53/171 compliance in the commercial cloud environment
  • Familiarity with utomation e.g., Ansible, Terraform, CloudFormation, InSpec to implement and verify security compliance

PREFERRED QUALIFICATIONS

  • Strong preference for candidates holding current TS/SCI and experience in applying cybersecurity monitoring and compliance in accredited TS systems
  • Experience with securing commercial cloud-hosted workloads
  • Demonstrated experience with achieving formal gov't authorizations in commercial cloud-hosted systems (e.g., AWS GovCloud, C2S, etc)
  • Experience serving in security engineering and compliance for a classified IT development program
  • Knowledge of National Security Space systems
DirectEmployers