Job Requirements
Newport News, VA
Secret Polygraph not specified
Early Career (2+ yrs experience)
$57.09
Job Description
Mid-Level Cyber Security Engineer – GCCS-J
Location: Newport News, VA – On-site Full-Time Required
Position Type: Full-Time
Clearance Requirement: Active Secret Clearance
Program: Global Command and Control System – Joint (GCCS-J)
Program Summary
GCCS-J is the DoD’s Joint Command and Control system of record, providing a fused, real-time operational picture to commanders and warfighters. The modernization effort emphasizes secure cloud-native architecture, microservices, advanced data ingestion, improved data integrity, and alignment with JADC2 objectives. Cybersecurity is foundational to this modernization, ensuring that all software and infrastructure meet stringent DoD security, accreditation, and operational resilience requirements.
Position Summary
The Mid-Level Cyber Security Engineer supports cybersecurity, Information Assurance (IA), and Risk Management Framework (RMF) activities across GCCS-J classified development and integration environments. This role executes security validation, vulnerability scanning, system hardening, and compliance verification to ensure that all software and systems meet DoD cybersecurity standards. The engineer collaborates with senior cybersecurity staff, developers, testers, and government stakeholders to maintain secure SIPR lab environments and support accreditation and modernization efforts.
Key Responsibilities
Area Responsibilities
IA & RMF Support • Support RMF activities and security control implementation.
• Assist in maintaining compliance with DoD IA controls, STIGs, and SRGs.
SIPR Lab Security Operations • Support secure operations of SIPR-based development and integration labs.
• Perform system hardening, patching, and configuration updates.
Security Validation & Vulnerability Scanning • Execute vulnerability scans and compliance checks.
• Document findings and verify remediation.
Secure Software Support • Assist developers in applying secure coding practices.
• Review software components for basic security risks.
DevSecOps & Automation Support • Support integration of security tools into CI/CD pipelines.
• Assist with automated scanning and compliance validation.
Monitoring & Incident Support • Monitor systems for security events.
• Support incident response activities under senior guidance.
Documentation & Reporting • Maintain IA documentation, scan reports, and POA&M updates.
• Support audit preparation and security reviews.
Collaboration & Communication • Work with senior cybersecurity engineers, ISSOs, developers, and testers.
• Communicate risks and findings clearly.
Basic Qualifications
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related STEM field.
• 3–6 years of cybersecurity or IA engineering experience.
• Experience supporting RMF, DISA STIGs, and DoD cybersecurity policies.
• Experience with vulnerability scanning tools (ACAS, Nessus, Fortify, etc.).
• Familiarity with Linux/UNIX and Windows system hardening.
• Experience supporting secure software development or DevSecOps environments.
• Strong analytical and documentation skills.
• Active Secret clearance.
Preferred Qualifications
• Experience supporting C2 or mission-critical DoD systems.
• Familiarity with container security, Kubernetes, and secure configuration management.
• Experience with SIEM tools and log analysis.
• Knowledge of CORA processes.
• Familiarity with network security and enclave protections.
Location: Newport News, VA – On-site Full-Time Required
Position Type: Full-Time
Clearance Requirement: Active Secret Clearance
Program: Global Command and Control System – Joint (GCCS-J)
Program Summary
GCCS-J is the DoD’s Joint Command and Control system of record, providing a fused, real-time operational picture to commanders and warfighters. The modernization effort emphasizes secure cloud-native architecture, microservices, advanced data ingestion, improved data integrity, and alignment with JADC2 objectives. Cybersecurity is foundational to this modernization, ensuring that all software and infrastructure meet stringent DoD security, accreditation, and operational resilience requirements.
Position Summary
The Mid-Level Cyber Security Engineer supports cybersecurity, Information Assurance (IA), and Risk Management Framework (RMF) activities across GCCS-J classified development and integration environments. This role executes security validation, vulnerability scanning, system hardening, and compliance verification to ensure that all software and systems meet DoD cybersecurity standards. The engineer collaborates with senior cybersecurity staff, developers, testers, and government stakeholders to maintain secure SIPR lab environments and support accreditation and modernization efforts.
Key Responsibilities
Area Responsibilities
IA & RMF Support • Support RMF activities and security control implementation.
• Assist in maintaining compliance with DoD IA controls, STIGs, and SRGs.
SIPR Lab Security Operations • Support secure operations of SIPR-based development and integration labs.
• Perform system hardening, patching, and configuration updates.
Security Validation & Vulnerability Scanning • Execute vulnerability scans and compliance checks.
• Document findings and verify remediation.
Secure Software Support • Assist developers in applying secure coding practices.
• Review software components for basic security risks.
DevSecOps & Automation Support • Support integration of security tools into CI/CD pipelines.
• Assist with automated scanning and compliance validation.
Monitoring & Incident Support • Monitor systems for security events.
• Support incident response activities under senior guidance.
Documentation & Reporting • Maintain IA documentation, scan reports, and POA&M updates.
• Support audit preparation and security reviews.
Collaboration & Communication • Work with senior cybersecurity engineers, ISSOs, developers, and testers.
• Communicate risks and findings clearly.
Basic Qualifications
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related STEM field.
• 3–6 years of cybersecurity or IA engineering experience.
• Experience supporting RMF, DISA STIGs, and DoD cybersecurity policies.
• Experience with vulnerability scanning tools (ACAS, Nessus, Fortify, etc.).
• Familiarity with Linux/UNIX and Windows system hardening.
• Experience supporting secure software development or DevSecOps environments.
• Strong analytical and documentation skills.
• Active Secret clearance.
Preferred Qualifications
• Experience supporting C2 or mission-critical DoD systems.
• Familiarity with container security, Kubernetes, and secure configuration management.
• Experience with SIEM tools and log analysis.
• Knowledge of CORA processes.
• Familiarity with network security and enclave protections.
group id: 10115149