• Troubleshoot application defects and vulnerabilities.
• Report security incidents and assist IT staff in resolving reported incidents.
• Participate in security investigations and compliance reviews.
• Perform incident response and remediation.
• Research, monitor, and assess new threats and security alerts, and recommend remedial actions.
• Guide security activities in the system development life cycle (SDLC) and application development efforts.
• Identify security issues and risks and develop mitigation plans.
• Write detailed vulnerability reports and track vulnerabilities through their lifecycle.
• Collaborate with production, development, QA, and IT Operations teams.
• Manage security systems including CCTV, access control, IDS, SIEM, EDR, HIDS, WAF, IAM, MDM, SOAR, and DFIR.

Skills: Application Security, Incident Response, Threat Monitoring, Compliance Reviews, Secure SDLC, Risk Mitigation, Vulnerability Management, Security Systems Administration

• Identify points of vulnerability and recommend mitigation strategies to strengthen the overall security posture.
• Validate and verify system security requirements through testing and compliance checks.
• Analyze system security designs to ensure alignment with organizational standards and industry best practices.
• Design, develop, and implement security systems and components across networking, computing, and support environments.
• Provide technical guidance in Information Assurance concepts, principles, and standards, including the use of IA-related metadata and risk analysis.
• Support incident response processes by identifying, investigating, and mitigating security incidents.
• Stay abreast of emerging threats, vulnerabilities, and attack vectors, and remain active in the broader security community.
• Establish and maintain strong working relationships with business units to integrate security practices into daily operations.
• Proactively support, train, and mentor less experienced team members to build team capability.
• Participate in special projects and additional duties, contributing security expertise across initiatives.

Skills: Vulnerability Assessment, Security Testing, Security Analysis, System Design, Information Assurance, Incident Response, Threat Intelligence, Security Integration, Team Mentorship, Project Support

• Actively manage projects and drive security vulnerability remediation efforts across the organization.
• Collaborate with product development and solution delivery teams to provide expertise and support for information security matters.
• Accountable for the day-to-day operations of the Security Operations function.
• Contribute to security planning, assessment, risk analysis, certification, and awareness activities for network and system operations.
• Continuously assess, measure, and monitor information technology risk by performing network and system vulnerability assessments.
• Identify weak or missing security controls and vulnerabilities.
• Research and evaluate current or emerging security technologies to support cybersecurity initiatives.
• Maintain compliance with security policies, standards, and procedures.
• Manage cybersecurity compliance activities and implement improvements.
• Responsible for identifying and collecting relevant information security metrics.
• Measure performance indicators of program activities and effectively communicate status to stakeholders.
• Review existing policies and procedures and work with management to keep them updated.

Skills: Project Management, Security Operations, Risk Analysis, Vulnerability Assessment, Compliance Management, Security Metrics, Technology Evaluation, Policy Development

• Define system security requirements in coordination with security stakeholders, including system engineers, program managers, security control assessors, and authorizing officials.
• Provide independent cybersecurity advice and guidance to government stakeholders.
• Develop or review system security designs and architectures.
• Advise software engineers on best practices to remediate vulnerability findings throughout the SDLC.
• Support engineering analysis of alternatives, tradeoffs, and risk treatment decisions.
• Develop cybersecurity documentation in support of the Risk Management Framework (RMF) process in accordance with NIST SP 800-37 Rev 2.
• Collaborate with interdisciplinary teams to deliver securely engineered software as a natural result of a trusted development chain.
• Serve as a trusted advisor to peers and leadership.
• Stay current on industry trends and emerging threats.
• Contribute security knowledge as a member of enterprise-level project teams.

Skills: Security Requirements, Cybersecurity Guidance, Security Architecture, Vulnerability Remediation, Risk Analysis, RMF Compliance, Secure Development, Trusted Advising

• Assist in market research to leverage best practices from commercial, military, and allied sources to support alternatives to current systems in meeting simulator program requirements.
• Assist in a capability gap analysis of current mission simulation systems regarding concurrency, fidelity, network connectivity, interoperability, cybersecurity, productivity, and sustainability, as well as improvements over existing full motion simulator sub-systems.
• Assist in a study defining a full motion simulation system that accounts for hardware, software, levels of fidelity, and a standard system architecture based on model-based systems engineering development and design.
• Review and translate operational needs statements and requirements from stakeholders, along with the results of market research, gap analysis, and engineering studies, into engineering requirements and specifications to be used in the development of documentation.
• Review requirements to identify potential security vulnerabilities during the design stage of technical solution development.
• Develop and execute systems engineering processes that incorporate mission resiliency against cyber threats into the design process.
• Develop test procedures and system-level testing to be annotated in test plans and other documentation.
• Verify and validate requirements through testing.
• Contribute to security planning, assessment, risk analysis, risk management, certification, and awareness activities for system operations.
• Ensure configuration management for security-relevant information systems software, hardware, and firmware is maintained and documented.
• Develop system documentation for information system assessment and authorization, security management, and continuous monitoring.

Skills: Market Research, Gap Analysis, Systems Engineering, Requirements Development, Security Design, Test Validation, Risk Management, Configuration Management

• Experience working as an Information Systems Security Officer (ISSO) or Information Systems Security Engineer (ISSE).
• Experience in guiding a client through the entire Risk Management Framework (RMF) process.
• Experience with achieving system certification, accreditation, assessment, and authorization, including IATT and ATOs.
• Experience with Digital Engineering, Data Science, Machine Learning (ML), or Artificial Intelligence (AI).
• Knowledge of the systems and software engineering management process and its implementation, as applied to DoD acquisition processes throughout all life cycle phases.
• IAT or IAM Level II minimum Certification, including GSEC, Sec+, CASP+, GICSP, CEH, CISM, or CISSP.
• Experience working with DISA STIGs, as well as DevSecOps.
• Ability to apply Cybersecurity engineering methods to the solution development life cycle activities.
• Ability to research emerging technology and apply it to cutting-edge problems.
• Excellent presentation and collaboration skills.
• Strong interpersonal skills.

Qualifications: BS in Software Engineering with 8 years of Experience

• Experience in configuring and securing systems to achieve compliance with Security requirements (Controls, STIGS).
• Experience conducting Assessment and Authorization (A&A) using Risk Management Framework (RMF) activities across all 6 steps.
• Expertise in administering Windows, Linux, VMWare, and Cisco network devices in an enterprise or tactical environment.
• Experience and competency with the Microsoft Office Suite, e.g., Word, Excel, PowerPoint, etc.
• Experience and competency with Nessus/ACAS and HBSS/McAfee ePo.
• Experience working with and understanding classified networks, systems, and the Software Development Life Cycle (SDLC).
• Possess and maintain DoD 8570.1 IAT/IAM Level 3 Certification, Certified Information Systems Security Professional (CISSP), or comparable.
• Experience working with non-traditional IT (e.g., small, purpose-built computers and/or networked sensor equipment).
• Hold certifications, such as MCSE, Linux+, CEH, CHFI, or OCSP.
• Working experience with eMass and XACTA.
• Working experience with Agile and Scrum.
• Clear communication and documentation abilities.
• Strong critical thinking to identify, assess, and mitigate risks in dynamic environments, especially when working with non-traditional IT or emerging threats.

Qualifications: BS in Cybersecurity with 9 years of Experience

• Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) (or Associate), CompTIA Advanced Security Practitioner (CASP) CE, Certified Secure Software Lifecycle Professional (CSSLP), CISSP- Information System Security Engineering Professional (ISSEP), or CISSP- Information System Security Architecture Professional (ISSAP).
• At least one IASAE Level II or IASAE Level III proficiency.
• Familiarity with the use and operation of security tools, including Tenable Nessus and/or Security Center, IBM Guardium, HP WeblInspect, Network Mapper (NMAP), and/or similar applications.
• Experience with Amazon Web Services (AWS) or Microsoft Azure.
• Hands-on experience investigating security incidents, performing root cause analysis, and applying lessons learned to strengthen defenses.
• Experience in creating, reviewing, and enforcing organizational security policies and procedures aligned with DoD or NIST standards.
• Experience working with development teams to embed security practices throughout the CI/CD pipeline.
• Strong stakeholder engagement skills.
• Good time and priority management skills with conflict resolution.
• Ability to anticipate future cyber risks and align security posture with evolving threats and technologies.

Qualifications: BS in Computer Science with 7 years of Experience

• Prior experience in one or more information protection capabilities such as security monitoring, threat intelligence, network protection, data protection, endpoint protection, technical security assessments, and security architecture.
• Knowledge on perimeter security, like Intrusion Detection Systems, Intrusion Prevention Systems, Web filtering, Application Filtering, and Firewalling.
• Solid understanding of network engineering, preferably with certified credentials in this area.
• Practical knowledge of information security standards and policies like ISO 27001/27002, NIST, or similar.
• Ability to investigate, contain, and remediate cyber incidents.
• Experience with vulnerability scanning tools and remediation processes.
• Familiarity with frameworks like GDPR, HIPAA, PCI DSS, or SOC 2.
• Strong analytical and critical thinking skills, and the ability to assess complex problems and recommend practical solutions.
• Excellent verbal and written communication skills.
• Self-starter with a high degree of initiative and the ability to effectively prioritize multiple efforts.

Qualifications: BS in Information Technology with 5 years of Experience

• Experience in Systems Security Engineering.
• Experience in design, development, and fielding of Systems Security Engineering (SSE) systems.
• Experience in drafting Systems Security Engineering Requirements and effectively communicating these requirements with other groups.
• Experience with the Risk Management Framework (RMF) process, including NIST and DoD standards.
• Can perform periodic vulnerability scans of networks to identify security vulnerabilities and provide remediation alternatives, and conduct security risk assessments to ensure compliance with corporate security policies and adherence to best practices.
• Experience with drafting security documents for various security certifications.
• Experience with eMass or Xacta.
• Experience with Security Center, Nessus, and/or DoD-approved security testing tools.
• Experience with Microsoft Visio.
• Knowledge or experience in an Agile environment.
• Good written, oral, and presentation communication skills.

Qualifications: BS in Computer Engineering with 6 years of Experience