Job Requirements
N N, VA
Secret Polygraph not specified
Senior Level Career (10+ yrs experience)
$81.99
Job Description
Senior Cyber Security Engineer – GCCS-J
Location: Newport News, VA – On-site Full-Time Required
Position Type: Full-Time
Clearance Requirement: Active Secret Clearance
Program: Global Command and Control System – Joint (GCCS-J)
Program Summary
GCCS-J is the DoD’s Joint Command and Control system of record, providing a fused, real-time operational picture to commanders and warfighters. The modernization effort emphasizes secure cloud-native architecture, microservices, advanced data ingestion, improved data integrity, and alignment with JADC2 objectives. Cybersecurity is foundational to this modernization, ensuring that all software and infrastructure meet stringent DoD security, accreditation, and operational resilience requirements.
Position Summary
The Senior Cyber Security Engineer leads cybersecurity, Information Assurance (IA), and Risk Management Framework (RMF) activities across GCCS-J classified development and integration environments. This role serves as the technical authority for security compliance, secure configuration, vulnerability management, and accreditation readiness. The engineer ensures that all software, systems, and lab environments meet DoD cybersecurity standards, DISA STIG requirements, and mission-critical security objectives while supporting modernization of GCCS-J capabilities.
Key Responsibilities
Area Responsibilities
IA & RMF Leadership • Lead RMF activities and accreditation efforts across SIPR environments.
• Ensure compliance with DoD IA controls, STIGs, SRGs, and security baselines.
SIPR Lab Security Operations • Oversee secure operations of SIPR-based development and integration labs.
• Manage system hardening, patching, and secure configurations.
Security Validation & Testing • Conduct vulnerability scans, compliance checks, and security assessments.
• Validate software releases against IA and RMF requirements.
Secure Software Engineering • Guide developers on secure coding practices and architecture.
• Review code, designs, and data flows for security risks.
DevSecOps Integration • Integrate security scanning tools into CI/CD pipelines.
• Automate compliance validation and vulnerability detection.
Incident Response & Monitoring • Monitor systems for security events and anomalies.
• Lead incident response, triage, and mitigation activities.
Documentation & Reporting • Maintain IA documentation, POA&Ms, and accreditation artifacts.
• Support audits, CCRI preparation, and formal security reviews.
Stakeholder Collaboration • Coordinate with ISSMs, ISSOs, developers, testers, and government security authorities.
• Communicate risks, mitigations, and security posture.
Basic Qualifications
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related STEM field.
• 7+ years of cybersecurity or IA engineering experience.
• Experience operating and securing SIPR or other classified environments.
• Strong understanding of RMF, DISA STIGs, SRGs, and DoD cybersecurity policies.
• Experience with ACAS, Nessus, Fortify, SonarQube, or similar tools.
• Proficiency with Linux/UNIX and Windows system hardening.
• Experience supporting secure software development and DevSecOps pipelines.
• Strong analytical, documentation, and communication skills.
• Active Secret clearance.
Preferred Qualifications
• TS/SCI clearance.
• Experience supporting C2 or mission-critical DoD systems.
• Knowledge of container security, Kubernetes hardening, and OCI security.
• Experience with Ansible, automation frameworks, and secure configuration management.
• Familiarity with SIEM tools, log analysis, and security monitoring.
• Experience preparing for DISA CCRI inspections.
• Knowledge of network security, enclave protections, and cross-doma
Location: Newport News, VA – On-site Full-Time Required
Position Type: Full-Time
Clearance Requirement: Active Secret Clearance
Program: Global Command and Control System – Joint (GCCS-J)
Program Summary
GCCS-J is the DoD’s Joint Command and Control system of record, providing a fused, real-time operational picture to commanders and warfighters. The modernization effort emphasizes secure cloud-native architecture, microservices, advanced data ingestion, improved data integrity, and alignment with JADC2 objectives. Cybersecurity is foundational to this modernization, ensuring that all software and infrastructure meet stringent DoD security, accreditation, and operational resilience requirements.
Position Summary
The Senior Cyber Security Engineer leads cybersecurity, Information Assurance (IA), and Risk Management Framework (RMF) activities across GCCS-J classified development and integration environments. This role serves as the technical authority for security compliance, secure configuration, vulnerability management, and accreditation readiness. The engineer ensures that all software, systems, and lab environments meet DoD cybersecurity standards, DISA STIG requirements, and mission-critical security objectives while supporting modernization of GCCS-J capabilities.
Key Responsibilities
Area Responsibilities
IA & RMF Leadership • Lead RMF activities and accreditation efforts across SIPR environments.
• Ensure compliance with DoD IA controls, STIGs, SRGs, and security baselines.
SIPR Lab Security Operations • Oversee secure operations of SIPR-based development and integration labs.
• Manage system hardening, patching, and secure configurations.
Security Validation & Testing • Conduct vulnerability scans, compliance checks, and security assessments.
• Validate software releases against IA and RMF requirements.
Secure Software Engineering • Guide developers on secure coding practices and architecture.
• Review code, designs, and data flows for security risks.
DevSecOps Integration • Integrate security scanning tools into CI/CD pipelines.
• Automate compliance validation and vulnerability detection.
Incident Response & Monitoring • Monitor systems for security events and anomalies.
• Lead incident response, triage, and mitigation activities.
Documentation & Reporting • Maintain IA documentation, POA&Ms, and accreditation artifacts.
• Support audits, CCRI preparation, and formal security reviews.
Stakeholder Collaboration • Coordinate with ISSMs, ISSOs, developers, testers, and government security authorities.
• Communicate risks, mitigations, and security posture.
Basic Qualifications
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related STEM field.
• 7+ years of cybersecurity or IA engineering experience.
• Experience operating and securing SIPR or other classified environments.
• Strong understanding of RMF, DISA STIGs, SRGs, and DoD cybersecurity policies.
• Experience with ACAS, Nessus, Fortify, SonarQube, or similar tools.
• Proficiency with Linux/UNIX and Windows system hardening.
• Experience supporting secure software development and DevSecOps pipelines.
• Strong analytical, documentation, and communication skills.
• Active Secret clearance.
Preferred Qualifications
• TS/SCI clearance.
• Experience supporting C2 or mission-critical DoD systems.
• Knowledge of container security, Kubernetes hardening, and OCI security.
• Experience with Ansible, automation frameworks, and secure configuration management.
• Familiarity with SIEM tools, log analysis, and security monitoring.
• Experience preparing for DISA CCRI inspections.
• Knowledge of network security, enclave protections, and cross-doma
group id: 10115149