Digital Engineering Cybersecurity Engineer

10x National Security

Posted today

Job Requirements

Aberdeen Proving Ground, MD
Top Secret, Polygraph not specified
Senior Level Career (10+ yrs experience)
$180,000 - $250,000

Job Description

Position Summary
10x National Security is seeking a Senior Digital Engineering Cybersecurity Engineer to secure the Army’s digital-engineering ecosystem, its underlying infrastructure, and the engineering data it creates and exchanges. The engineer will integrate cybersecurity into MBSE, CAD, PLM, modeling and simulation, digital-model repositories, collaboration services, cloud or on-premises infrastructure, and lifecycle data workflows.

This is a system-security engineering and acquisition cybersecurity position, not a generic help-desk, compliance-only, or SOC-monitoring role. The successful candidate must be able to understand engineering architectures and data flows, identify mission and technical risks, design practical controls, and support authorization without making the digital-engineering environment unusable.

Primary Responsibilities
Develop and maintain the cybersecurity architecture for digital-engineering platforms, model repositories, PLM and CAD services, simulation environments, data exchanges, collaboration capabilities, and supporting cloud or on-premises infrastructure.
Document system boundaries, data flows, trust boundaries, interfaces, users, administrative paths, external services, model exchanges, and protection requirements.
Apply Zero Trust, least privilege, separation of duties, strong identity, multifactor authentication, role- or attribute-based access control, encryption, network segmentation, secure administration, auditing, and continuous monitoring.
Integrate Risk Management Framework activities into system planning, engineering, deployment, operation, and sustainment.
Develop or support system categorization, control selection, control implementation statements, security plans, architecture diagrams, assessment evidence, POA&Ms, continuous-monitoring plans, and authorization packages.
Enter, maintain, and validate cybersecurity information and evidence in eMASS or other Government-designated systems.
Perform threat modeling and security engineering focused on risks created by aggregated technical data, collaborative engineering, model manipulation, unauthorized changes, supplier access, plug-ins, scripts, software dependencies, and engineering-data exfiltration.
Establish secure configuration, vulnerability-management, patch-management, logging, endpoint-protection, and incident-response practices for the digital-engineering environment.
Apply DISA Security Technical Implementation Guides and Security Requirements Guides where applicable and document deviations or compensating controls.
Integrate software-supply-chain controls, dependency analysis, source-code scanning, container or image scanning, software bills of materials, signing, provenance, and artifact integrity where the environment includes custom software or automation.
Protect CUI, proprietary information, Government technical data, intellectual property, and classified information through appropriate marking, access, storage, transmission, release, and auditing controls.
Automate evidence collection, control validation, configuration checks, and compliance reporting where practical.
Coordinate with the Authorizing Official, Security Control Assessor, ISSM, ISSO, network operators, data owners, system owners, program managers, engineers, vendors, and other Government stakeholders.
Support cybersecurity assessments, technical reviews, penetration testing, vulnerability remediation, authorization activities, and continuous monitoring.
Develop security procedures and role-based guidance so that engineers and modelers can work securely without bypassing required controls.
Brief Government leadership on cybersecurity posture, engineering risks, authorization dependencies, and prioritized remediation actions.

Required Qualifications
Bachelor’s degree in cybersecurity, computer science, information systems, systems engineering, electrical or computer engineering, or a related discipline. Equivalent directly relevant experience may be considered.
At least seven years of cybersecurity or system-security engineering experience, including at least three years supporting DoD systems, RMF, or acquisition cybersecurity.
Working knowledge of DoDI 8510.01, DoDI 8500.01, NIST SP 800-53, DISA STIGs, security-control assessment, POA&M management, and continuous monitoring.
Experience developing or reviewing cybersecurity architectures, authorization boundaries, network diagrams, data-flow diagrams, security plans, control implementations, and assessment evidence.
Experience with identity and access management, network security, endpoint protection, vulnerability management, secure configuration, encryption, logging, and incident response.
Ability to interpret systems-engineering, software, cloud, network, and data architectures and communicate security risks to both technical and nontechnical stakeholders.
Experience supporting eMASS or a comparable governance, risk, and compliance platform.
Must meet the applicable DoD 8140/DCWF qualification requirements for the Government-assigned work role and proficiency level before beginning work.
U.S. citizenship and ability to obtain and maintain the required clearance.

Preferred Qualifications
Active CISSP, CSSLP, CCSP, SecurityX, GIAC, or another certification aligned with the assigned DoD 8140 work role.
Experience securing MBSE, Cameo, CAD, PLM, modeling and simulation, digital twins, engineering repositories, or other technical-data environments.
Experience with Army acquisition programs, ASA(ALT), a PEO or PM organization, DEVCOM, or Army network and cybersecurity organizations.
Experience supporting an Authority to Operate, continuous ATO, inheritance model, or enterprise authorization.
Familiarity with AWS GovCloud, Azure Government, Kubernetes, containers, DevSecOps, infrastructure as code, and policy as code.
Experience with NIST SP 800-171, CUI protection, supply-chain risk management, program protection, software assurance, and secure engineering.
Familiarity with SysML, model-based security engineering, threat modeling, or system-theoretic security analysis.
Experience in controlled, CUI, Secret, or other classified environments.

Measures of Success
Within the initial 60 days, the engineer should document the digital-engineering authorization boundary, critical data flows, major trust relationships, inherited services, current cybersecurity posture, and highest-priority risks. Within 90 days, the engineer should establish a target security architecture, prioritized remediation backlog, RMF evidence plan, continuous-monitoring approach, and clear ownership for each major control and data repository.