Yesterday
Top Secret/SCI
Senior Level Career (10+ yrs experience)
IT - Security
San Diego, CA (On-Site/Office)
This role is 100% onsite
Job Description
A Global Government Contracting Company is looking for a Senior Cyber Architect. The qualified candidate will be working on and possibly leading security engineering teams supporting cybersecurity engineering activities in a rapid development environment to support the specification, development, and application of computer security technologies, cybersecurity and information assurance management techniques to DoD systems.
Tasks may include:
Leading systems engineering teams
Leading Assessment and Authorization (A&A) activities for DoD Systems in accordance with Risk Management Framework
Supporting traditional systems engineering tasks such as CONOPS, requirements development and allocation, cyber design engineering, cyber implementation engineering, verification and Validation, and continuous monitoring efforts during deployment, Operations and Sustainment
Supporting offensive architecture analysis and design of defense-in-depth solutions
Supporting Development Security Operations (DevSecOps) integration
Developing and assessing system security plans including, security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones
Conducting and analyzing vulnerability assessments to validate system compliance with RMF controls and DISA Security Technical Information Guidelines (STIG)
Analyzing static code scans and dynamic code scans to validate Application Security and Development STIG compliance
This position may require business travel to customer locations in support of customer meetings, product demonstration, Integration and/or systems testing.
Keywords: Cyber, security, vulnerability, STIG, RMF, Risk Management Framework, A&A, Assessment and Authorization, threat modeling, offensive, attack vector, defense-in-depth, DevSecOps, DSO, CI/CD, Pipeline, Containerization, AWS Cloud, Kubernetes, MBSE, Attack Vector, Attack Surface, Resilience, Survivability
Required Education:
Bachelor of Science degree in a Cyber, Systems, Software, Electrical, Mechanical or similarly related engineering/technical discipline, and 6+ year(s) related experience or equivalent experience, training and/or certifications.
Required Skills:
ISC2 CISSP or equivalent certification
Strong engineering skills, interpersonal skills, and the ability to effectively build and lead teams
Extensive experience with traditional A&A tools: ACAS Nessus, SCAP Scanner, STIG Viewer
Demonstrated expertise in national Cybersecurity policies, DoD A&A processes and procedures and industry best practices on complex systems
Expertise in vulnerability assessment, control allocation and risk mitigation
Preferred Skills and Education:
Other cyber certifications (CISSP-ISSAP, CISSP-ISSEP, CCSP, CEH, OSCP, etc.)
Top Secret/SCI security clearance by the Federal Government
Understanding of offensive security tactics, techniques and procedures
Experience with Cyber Failure Mode, Effects, and Criticality Analysis (FMECA)
Experience writing proposals with innovative cost-effective solutions
Experience with Open Container Initiative (OCI) including Platform One, Iron Bank and Repo One
Experience with offensive architecting, threat modeling and attack vector analysis
Experience with cloud and cross domain solution accreditations
Ability to negotiate effectively with higher level managers, functional managers, customers, industry partners, and teammates
Demonstrated leadership skills (supervisory experience, building teams, building customer relationships)
Ability to support proposal and cost activities
Working knowledge of Earned Value Management System (EVMS) systems and Project management tools such as Cost Performance Index (CPI) and Integrated Master Schedule (IMS)
Experience with leading and coordinating security test events to achieve accreditation milestones
Experience with verifying and validating vulnerability resolutions and/or mitigations
Experience with supporting proposal and cost estimate activities
Experience with Attack and Threat modeling
Strong mentoring skills
Good planning and organizational skills
Strong oral and written communications skills
Kaztronix is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, sex, age, religion, disability, veteran status or any other consideration made unlawful by federal, state or local laws. In addition, all human resource actions in such areas as compensation, employee benefits, transfers, layoffs, training and development are to be administered objectively, without regard to race, color, religion, age, sex, national origin, disability, veteran status or any other consideration made unlawful by federal, state or local laws.
By applying to the position, you acknowledge that your information will be used by Kaztronix in processing your application.
Job Description
A Global Government Contracting Company is looking for a Senior Cyber Architect. The qualified candidate will be working on and possibly leading security engineering teams supporting cybersecurity engineering activities in a rapid development environment to support the specification, development, and application of computer security technologies, cybersecurity and information assurance management techniques to DoD systems.
Tasks may include:
Leading systems engineering teams
Leading Assessment and Authorization (A&A) activities for DoD Systems in accordance with Risk Management Framework
Supporting traditional systems engineering tasks such as CONOPS, requirements development and allocation, cyber design engineering, cyber implementation engineering, verification and Validation, and continuous monitoring efforts during deployment, Operations and Sustainment
Supporting offensive architecture analysis and design of defense-in-depth solutions
Supporting Development Security Operations (DevSecOps) integration
Developing and assessing system security plans including, security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones
Conducting and analyzing vulnerability assessments to validate system compliance with RMF controls and DISA Security Technical Information Guidelines (STIG)
Analyzing static code scans and dynamic code scans to validate Application Security and Development STIG compliance
This position may require business travel to customer locations in support of customer meetings, product demonstration, Integration and/or systems testing.
Keywords: Cyber, security, vulnerability, STIG, RMF, Risk Management Framework, A&A, Assessment and Authorization, threat modeling, offensive, attack vector, defense-in-depth, DevSecOps, DSO, CI/CD, Pipeline, Containerization, AWS Cloud, Kubernetes, MBSE, Attack Vector, Attack Surface, Resilience, Survivability
Required Education:
Bachelor of Science degree in a Cyber, Systems, Software, Electrical, Mechanical or similarly related engineering/technical discipline, and 6+ year(s) related experience or equivalent experience, training and/or certifications.
Required Skills:
ISC2 CISSP or equivalent certification
Strong engineering skills, interpersonal skills, and the ability to effectively build and lead teams
Extensive experience with traditional A&A tools: ACAS Nessus, SCAP Scanner, STIG Viewer
Demonstrated expertise in national Cybersecurity policies, DoD A&A processes and procedures and industry best practices on complex systems
Expertise in vulnerability assessment, control allocation and risk mitigation
Preferred Skills and Education:
Other cyber certifications (CISSP-ISSAP, CISSP-ISSEP, CCSP, CEH, OSCP, etc.)
Top Secret/SCI security clearance by the Federal Government
Understanding of offensive security tactics, techniques and procedures
Experience with Cyber Failure Mode, Effects, and Criticality Analysis (FMECA)
Experience writing proposals with innovative cost-effective solutions
Experience with Open Container Initiative (OCI) including Platform One, Iron Bank and Repo One
Experience with offensive architecting, threat modeling and attack vector analysis
Experience with cloud and cross domain solution accreditations
Ability to negotiate effectively with higher level managers, functional managers, customers, industry partners, and teammates
Demonstrated leadership skills (supervisory experience, building teams, building customer relationships)
Ability to support proposal and cost activities
Working knowledge of Earned Value Management System (EVMS) systems and Project management tools such as Cost Performance Index (CPI) and Integrated Master Schedule (IMS)
Experience with leading and coordinating security test events to achieve accreditation milestones
Experience with verifying and validating vulnerability resolutions and/or mitigations
Experience with supporting proposal and cost estimate activities
Experience with Attack and Threat modeling
Strong mentoring skills
Good planning and organizational skills
Strong oral and written communications skills
Kaztronix is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, sex, age, religion, disability, veteran status or any other consideration made unlawful by federal, state or local laws. In addition, all human resource actions in such areas as compensation, employee benefits, transfers, layoffs, training and development are to be administered objectively, without regard to race, color, religion, age, sex, national origin, disability, veteran status or any other consideration made unlawful by federal, state or local laws.
By applying to the position, you acknowledge that your information will be used by Kaztronix in processing your application.
group id: 10195552
