Chantilly, Virginia, USA
16 days ago
Cyber Security Engineer Senior
Overview BigBear.ai is seeking a Senior Cybersecurity Engineer to join our GFIM Team working on cybersecurity projects within the Department of Defense. This project offers a hybrid schedule, with 2-3 days a week joining the team in person in Chantilly, VA. It will require to be in SCIF for IL6 work is required. This candidate will closely work with the system team to prepare and submit the IATT and ATO package and remediate the security issues in both cloud and on-prem. What you will do Operate and managing ATO packages through eMASS Create and manage Plan of Action & Milestones (POA&Ms). Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects. Windows & linux STIG/SRG assessment experience. Analyze and define security requirements for Multilevel Security (MLS) issues. Deliver Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects. Analyze and recommend resolution of security/IA problems based on knowledge of the major IA products and services, an understanding of their limitations, and knowledge of the IA disciplines. Apply information security in accordance with National/DOD directives security policy including, but not limited to, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171 Assess entire system lifecycle requirements and network security impacts. Support creation of, and ensure approval for, Department of Defense Security (DOD) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects. Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures. Implement security – Run scans using Nessus Security Center. What you need to have Bachelor's Degree in Information Assurance, Computer Science, Information Management Systems or a related discipline and 5 to 8 years of experience; or Master's Degree and 3 to 6 years of experience; or PhD and 0 to 3 years of experience; or (in lieu of Bachelor’s degree, 6 additional years of relevant experience) Clearance: Must possess and maintain a current active Secret clearance Certifications: minimum 8570 IAT Level II certification (Security+ CE or equivalent) A minimum of eight (8) years related IT Security experience Highly proficient with eMASS Experience taking and managing ATO packages through eMASS Demonstrated knowledge of NIST Information Technology Security Special Publications (SP) 800 series, with emphasis on NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems” and NIST SP 800-53A, “Guide for Assessing the Security Controls in Federal Information Systems” Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner Demonstrated experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, WebGateways, and/or enterprise Antivirus software technologies Working knowledge of Federal Information Security Management Act (FISMA) reporting requirements and processes Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas Excellent written and verbal communication skills Working knowledge of Agile Scrum Methodology What we'd like you to have CISSP, CASP, GCED certification Experience with AWS Experience with continuous integration tools and environments Experience w/ Application Security & Development STIG Demonstrated experience with SonarQube Demonstrated Experience with BURP Suite Knowledge of DevSecOps tools – Jenkins, Docker, Kubernetes About BigBear.ai BigBear.ai is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity. Customers and partners rely on BigBear.ai’s predictive analytics capabilities in highly complex, distributed, mission-based operating environments. Headquartered in Columbia, Maryland, BigBear.ai is a public company traded on the NYSE under the symbol BBAI. For more information, visit https://bigbear.ai/ and follow BigBear.ai on LinkedIn: @BigBear.ai and X: @BigBearai.
Confirm your E-mail: Send Email