Senior Cybersecurity Engineer_

Colorado Springs

115,000-125,000 per year | Colorado Springs, CO, USA | Salary | Full Time

Senior Cybersecurity Engineer

DEFTEC delivers mission critical solutions through skillfully delivered services and innovative products. We are inspired by the critical missions of our clients, and we are driven to provide the most effective solutions to execute their missions, operational challenges, and requirements. Our dedicated, experienced, and talented employees work closely with our clients to ensure the delivery of exceptional services and products.

POSITION OVERVIEW

DEFTEC Corporation is seeking a Senior Cybersecurity Engineer. This position ensures that the information security requirements necessary to protect the core mission and business process are adequately addressed in all aspects of the enterprise architecture, to include reference documentation and system architectures. The ideal candidate will function as a Subject Matter Expert (SME) on each system architecture and design, review technical documentation in support of analysis, system design, development testing, and deployment of security systems. You will provide information assurance assessment and recommendations concerning safeguarding of IS through risk analysis, vulnerability assessment, and compliance with NIST SP 800.53. You'll be expected to interact with military, Government civilians, and contractor staff at all levels to support the A&A efforts of each mission/system. You will provide input on assigned enclaves as relates to how proposed modifications, additions, and technology upgrades would impact the overall security posture of the system.

JOB RESPONSIBILITIES:

+ Ensure that Cybersecurity requirements are effectively integrated into Information Systems and components through purposeful security architecting, design, development, and configuration

+ Employ best practices when implementing security controls within an Information System

+ Provide assessment and technical inputs to any system changes for all associated system enclaves

+ Perform FISMA required risk assessment of policies, procedures, supplemental plans addressing network, facilities and system security, security awareness training, testing and evaluation of security controls, incident response plan, and continuity of operations plans

+ Evaluate the requests for compliance and integration with all applicable cybersecurity policies, Notice to Airmen (NOTAMs), and Technical Change Orders (TCOs)

+ Create/maintain a Government owned Cyber Schedule that captures all mission cybersecurity activities and actions. The schedule needs to be capable of showing a high-level view of all project/activity milestones, accomplishments, and discrete tasks including Authorization and Assessment activities for RMF packages, cyber assessments, and O&M Mods or depot sustainment cases that improve the systems cybersecurity posture

+ Provide IS and compliance documentation to include but not limited to:

+ Categorize ISs IAW Committee on National Security Systems Instruction (CNSSI) 1253

+ Initiate the security plan, register system with DoD Information Technology Investment Portfolio System (ITIPS) and Enterprise Mission Assurance Support System (eMASS) and select security controls for all computer enclaves IAW National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53

+ Identify common controls; develop monitoring strategy, and plan, review, and obtain approval IAW NIST SP 800-53 and CNSSI 1253

+ Implement and document control solutions consistent with DoD cybersecurity architectures IAW NIST SP 800-160 and NIST SP 800-18

+ Prepare the Plan of Action and Milestone (POA&M) and submit security authorization packages, to include all required artifacts to Authorizing Official (AO)

+ Provide RMF training/education for program managers and integrated product team leads

QUALIFICATIONS:

Required Qualifications:

+ Active DoD TOP SECRET clearance

+ High School Diploma with 10+ years experience in IT or cybersecurity experience performing IAT Level II functions (threat, attacks, vulnerabilities, identification and access management, architecture and design, and risk management); and/or IAM Level II functions (developing and implementing IA policies in coordination with IA inspections and reviews)

+ Bachelor's degree counts for 4 years experience; Masters degree counts for 6 years of experience

+ DoDI 8140 fundamental qualification at the intermediate or higher level. (BS in Information Technology, Cybersecurity, Data Science, Information Systems or Computer Science or GFACT, GISF, Cloud+ GCED, PenTest+, Security+, CySA or GSEC)

Preferred Qualifications:

+ Experience with Xacta

+ Experience with ITIPS, eMASS, ACAS, FISMA, and/or DISA IASE

+ Bachelor's or Master's Degree

+ SCI Eligibility

DEFTEC offers a comprehensive whole life benefits package that includes medical, dental, vision, holiday, paid time off, life insurance, short/long term disability, and educational reimbursement. DEFTEC also matches 401k contributions dollar for dollar up to 3% of employee's income and an additional $0.50 for every dollar between 4-5% of employee's income. The DEFTEC team is comprised of professionals who make a difference every day in crucial missions related to national security. Our leadership knows that this happens by employing a diverse team who is well taken care of. Our employees are our top priority making DEFTEC an ideal place to work.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Please contact [email protected] if you require reasonable accommodations.

DEFTEC is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP and alcohol when criteria is met as outlined in our policies.

AAP/EEO Statement

DEFTEC Corp is an Equal Opportunity and Affirmative Action Employer and prohibits discrimination and harassment of any type   on the basis of actual or perceived race, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding   and medical conditions related to pregnancy, childbirth or breastfeeding),   gender, gender identity, and gender expression, religious creed,   disability (mental and physical) including HIV and AIDS, medical condition (cancer and genetic characteristics ), genetic information, age, marital status, civil union status, sexual orientation, military and veteran status, denial of family and medical care leave, arrest record and/or any other characteristic(s) protected by federal, state or local law.

This policy applies to all terms of employment including   recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, training, compensation, benefits, employee activities and general treatment during employment.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.