Cyber Security Engineer
Job Summary
A Rampant Technologies Cybersecurity Engineer (CSE) is a key resource that is a part of the Rampant team
reporting to the Principal Engineer overseeing the CSE team to deliver innovative Cyber Security solutions that are
in alignment with the company’s goals.
Essential Duties & Responsibilities
SME on problem identification, diagnosis, and resolution of problems
Develop best practices for processes and standards that will better the system
Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as
required to comply with security requirements.
Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones.
Perform hardening of ops systems, COTS and open-source product
Validate best practices in Penetration testing, Configuration analysis, and Security
Prepare comprehensive security assessment testing documentation to validate applied security controls in
support of Assessment and Authorization (A&A) testing. Generating/maintaining security accreditation artifacts
associated with RMF process to include, but not limited to Security Requirements Traceability Matrix, Security
Plans, Certification Test Plans, Continuous Monitoring Plans)2
Perform timely updates in accreditation DB
Provide technical guidance focused on information security architecture.
Key Skills, Education & Experience
Minimum of eight (3) years’ relevant experience as a Cybersecurity Engineer in programs and contracts of
similar scope, type, and complexity is required; ideally three (3+) years of direct experience in the same
level/grade for like role.
Techno functional knowledge of/experience in:
Execution of the Assessment & Authorization (A&A process) in accordance with government
requirements (e.g. ICD-503)
Information systems security and continuous monitoring practices and how to assess their
effectiveness per NIST SP 800-53 and NIST SP 800-53A.
DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls
assessment criteria/procedures
Integrity, availability, authentication, and non-repudiation concepts
IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)
Network access, identity, and access management (e.g., public key infrastructure [PKI])
Security system design tools, methods, and techniques
Relevant laws, policies, procedures, or governance as they relate to work that may impact critical
infrastructure.
TCP/IP networking technologies, Linux account administration, Linux folder permissions, Patch
Management best practices on Operating Systems and applications, known vulnerabilities associated
with Windows and Linux platforms.
Continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging
existing tools, efforts, and incorporating new automation techniques.
Virtualization technologies (e.g. VMWare, Docker)
OSI model and how specific devices and protocols interoperate, including knowledge of protocols, and
services for common network traffic
DoD/IC system security control requirements
XACTA and SNOW
Security testing and penetration tools that include Assured Compliance Assessment Solution (ACAS),
Wireshark, Retina, Tripwire, etc…
Hands on experience and proficiency with the full Microsoft Office Suite and tools such as Microsoft
Project, Microsoft Visio
Self-starter/motivator and
Certifications and Clearance
Must have certifications (certifications with * indicate willing to hire if certification is within 3-6 months of
finalizing):
Active TS/SCI w/ Poly clearance required
Current certification compliant with DoD 8570 IAM or IAT level 3OR obtain certification within 6 months of
hire and maintain certification throughout employment.
MUST meet DoD 8570 IAT Level III requirements
IAT Level II Certifications (Security+ or equivalent)
Create a Job Alert
Interested in building your career at Rampant Technologies ? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field