Cyber Security Engineer

Company: CRM Hike
Location: Fairfax
Posted on: April 26, 2025

Job Description:

A Rampant Technologies Cybersecurity Engineer (CSE) is a key resource that is a part of the Rampant team reporting to the Principal Engineer overseeing the CSE team to deliver innovative Cyber Security solutions that are in alignment with the company's goals.Responsibilities:

• SME on problem identification, diagnosis, and resolution of problems.
• Develop best practices for processes and standards that will better the system.
• Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirements.
• Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones.
• Perform hardening of ops systems, COTS and open-source products.
• Validate best practices in Penetration testing, Configuration analysis, and Security.
• Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing. Generating/maintaining security accreditation artifacts associated with RMF process to include, but not limited to Security Requirements Traceability Matrix, Security.
• Perform timely updates in accreditation DB.
• Provide technical guidance focused on information security architecture.Key Skills, Education & Experience:
• Minimum of eight (3) years' relevant experience as a Cybersecurity Engineer in programs and contracts of similar scope, type, and complexity is required; ideally three (3+) years of direct experience in the same.
• Techno functional knowledge of/experience in:
• Execution of the Assessment & Authorization (A&A process) in accordance with government requirements (e.g. ICD-503).
• Information systems security and continuous monitoring practices and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.
• DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures.
• Integrity, availability, authentication, and non-repudiation concepts.
• IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Network access, identity, and access management (e.g., public key infrastructure [PKI]).
• Security system design tools, methods, and techniques.
• Relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure.
• Management best practices on Operating Systems and applications, known vulnerabilities associated with Windows and Linux platforms.
• Continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques.
• Virtualization technologies (e.g. VMWare, Docker).
• OSI model and how specific devices and protocols interoperate, including knowledge of protocols, and services for common network traffic.
• DoD/IC system security control requirements.
• XACTA and SNOW.
• Security testing and penetration tools that include Assured Compliance Assessment Solution (ACAS).
• Hands on experience and proficiency with the full Microsoft Office Suite and tools such as Microsoft Project, Microsoft Visio.
• Self-starter/motivator.Certifications and Clearance:
• Must have certifications (certifications with * indicate willing to hire if certification is within 3-6 months of).
• Active TS/SCI w/ Poly clearance required.
• Current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment.
• IAT Level II Certifications (Security+ or equivalent).
  #J-18808-Ljbffr

Keywords: CRM Hike, Centreville , Cyber Security Engineer, Engineering , Fairfax, Virginia