DigiFlight
Cyber Engineer-Senior
DigiFlight, Columbia, Maryland, United States, 21046
Cyber Engineer- Senior
Digiflight, Inc. is seeking a Cyber Engineer that will assist with providing a highly technical and in-depth penetration testing support on a SAFe Agile DevSecOps Program. The role requires support specializing in penetration testing and ethical hacking, to target, assess, and exploit risk and vulnerabilities of information systems. The intent is to provide senior decision makers with documented and actionable data to aid in making strategic investment decisions.
Primary Responsibilities
a) Responsible for the protection and security of the systems that store data
b) In charge of the network and systems in a security capacity and plans and execute security measures accordingly
c) Implementing safeguards that prevents intrusions and breaches.
d) Responsible for providing cybersecurity engineering services for classified and unclassified networks of computer systems running the Windows and Linux Operating Systems.
e) Provide cybersecurity engineering support for Local area development networks (both Windows and Linux)
f) Provide cybersecurity engineering support for local area networks that tie together the computing nodes of the trainers.
g) Develop creative solutions to complex technical issues and problems
h) Assist with maintaining a strong cybersecurity posture
i) Assist in developing new policies, design processes, and procedures, and develop technical designs to secure the development environment and trainer systems
j) Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems, and test security products and systems to detect security weakness
k) Implementing safeguards that prevent intrusions and breaches.
l) Reconstruct a malicious attack or activity based off network traffic
m) Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
Basic Qualifications
a) Certified Information Systems Security Professional (CISSP) certification
b) Extensive experience with cyber penetration testing
c) Extensive experience applying computer attack methods and system exploitation techniques
d) Extensive working knowledge of cyber security principles for Linux, Windows, and virtual platforms
e) Extensive experience designing, testing, or implementing IT security architecture
f) Extensive experience performing network security analysis
g) Extensive experience analyzing network architectures
h) Extensive experience with detection system (IDS) tools
i) Extensive work experience in cyber security or related IT field
j) Extensive experience using network management tools
k) Extensive experience leveraging adversarial tactics to conduct hands-on security testing
l) Extensive experience developing risk management methodologies
m) Extensive experience analyzing test results to develop risk and threat mitigation plans
n) Extensive experience testing or reviewing system configuration, development, and design specifically around enterprise systems and hypervisors
o) Extensive experience designing, testing, or implementing complex Windows installations
p) Experience with Cloud services offered by Microsoft or Amazon. Azure Sentinel (SIEM) is most desired between the two
Candidate must be a US Citizen
Candidate must have an active TS/SCI
Candidate must have a MA/MS degree with a minimum of 15 years of experience. This may be substituted with a BS/BA degree and a minimum of 20 years of total experience.
Preferred Qualifications
One or more of the following professional certifications:
GNFA
GCIH
GCIA
GSEC
CASP+
CySA+
PaLMS
FedVTE
GSEC (SANS401)
Arcsight (or other SEIM solution)
Network+
Security+
Our People
DigiFlight attracts the most highly skilled workforce to protect some of our nation's most sensitive systems. Before joining the company, many DigiFlight professionals served our country in a civilian and/or military capacity. Our diverse team provides innovative solutions as they support critical clients in tackling tough challenges. Most importantly, our team is passionate about their work and making a difference.
Our corporate culture promotes a healthy work/life balance.
Our Benefits
DigiFlight's competitive benefits package allows employees to manage their personal and professional portfolios through a variety of features and programs. Our benefits include:
Health, Dental, Vision, and Flexible Spending AccountPaid Time Off (PTO)11 paid holidaysTuition Education AssistanceProfessional Development401(k) retirement planLife insurance and short- and long-term disability insuranceEmployee Referral ProgramMarketing Incentive Plans
DigiFlight, Inc. (DFI) is an Affirmative Action, Equal Opportunity Employer. DFI offers a highly competitive, family-oriented benefits package.
Performs comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls in accordance with NIST 800-53.
Principal Duties and Responsibilities (*Essential functions)• Review RMF Packages for completeness and technical accuracy.• Assess documented designs for compliance with NIST 800-53 and DOD related policies for on premise and cloud-based solutions• Perform Risk Assessment IAW with Army RMF 2.0 policy.• Review security design artifacts to determine the risk profile of the IA program to include System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), and other documents as needed.• Review information systems assurance and accreditation material• Provides recommendations for protecting networks, workstations, servers, and IT assets.*• Involved in conducting audits to ensure information systems security policies and procedures are implemented as defined in security plans and best practices. *• Additional duties include assist Vulnerability Disclosure Program (VDP) to perform investigation and provide mitigation information to the users when needed.
At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here.
Required Experience
Required Qualifications• Associate's Degree or a Bachelor's Degree in related field, or equivalent experience.• Minimum of 3 related certifications may be used in place of unrelated degree field.• Minimum of 4-7 years of work related experience.• Must be able to obtain a Security+CE certification, or equivalent, within 6 months of hire.• Prior experience with eMASS and RMF.• Strong written and verbal communication skills.• Secret DoD Security Clearance required; US Citizenship required.
Preferred Qualifications• Active Security+CE certification or equivalent.• Understand Risk Assessment methodology.
Digiflight, Inc. is seeking a Cyber Engineer that will assist with providing a highly technical and in-depth penetration testing support on a SAFe Agile DevSecOps Program. The role requires support specializing in penetration testing and ethical hacking, to target, assess, and exploit risk and vulnerabilities of information systems. The intent is to provide senior decision makers with documented and actionable data to aid in making strategic investment decisions.
Primary Responsibilities
a) Responsible for the protection and security of the systems that store data
b) In charge of the network and systems in a security capacity and plans and execute security measures accordingly
c) Implementing safeguards that prevents intrusions and breaches.
d) Responsible for providing cybersecurity engineering services for classified and unclassified networks of computer systems running the Windows and Linux Operating Systems.
e) Provide cybersecurity engineering support for Local area development networks (both Windows and Linux)
f) Provide cybersecurity engineering support for local area networks that tie together the computing nodes of the trainers.
g) Develop creative solutions to complex technical issues and problems
h) Assist with maintaining a strong cybersecurity posture
i) Assist in developing new policies, design processes, and procedures, and develop technical designs to secure the development environment and trainer systems
j) Assess system vulnerabilities, implement risk mitigation strategies, validate secure systems, and test security products and systems to detect security weakness
k) Implementing safeguards that prevent intrusions and breaches.
l) Reconstruct a malicious attack or activity based off network traffic
m) Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools
Basic Qualifications
a) Certified Information Systems Security Professional (CISSP) certification
b) Extensive experience with cyber penetration testing
c) Extensive experience applying computer attack methods and system exploitation techniques
d) Extensive working knowledge of cyber security principles for Linux, Windows, and virtual platforms
e) Extensive experience designing, testing, or implementing IT security architecture
f) Extensive experience performing network security analysis
g) Extensive experience analyzing network architectures
h) Extensive experience with detection system (IDS) tools
i) Extensive work experience in cyber security or related IT field
j) Extensive experience using network management tools
k) Extensive experience leveraging adversarial tactics to conduct hands-on security testing
l) Extensive experience developing risk management methodologies
m) Extensive experience analyzing test results to develop risk and threat mitigation plans
n) Extensive experience testing or reviewing system configuration, development, and design specifically around enterprise systems and hypervisors
o) Extensive experience designing, testing, or implementing complex Windows installations
p) Experience with Cloud services offered by Microsoft or Amazon. Azure Sentinel (SIEM) is most desired between the two
Candidate must be a US Citizen
Candidate must have an active TS/SCI
Candidate must have a MA/MS degree with a minimum of 15 years of experience. This may be substituted with a BS/BA degree and a minimum of 20 years of total experience.
Preferred Qualifications
One or more of the following professional certifications:
GNFA
GCIH
GCIA
GSEC
CASP+
CySA+
PaLMS
FedVTE
GSEC (SANS401)
Arcsight (or other SEIM solution)
Network+
Security+
Our People
DigiFlight attracts the most highly skilled workforce to protect some of our nation's most sensitive systems. Before joining the company, many DigiFlight professionals served our country in a civilian and/or military capacity. Our diverse team provides innovative solutions as they support critical clients in tackling tough challenges. Most importantly, our team is passionate about their work and making a difference.
Our corporate culture promotes a healthy work/life balance.
Our Benefits
DigiFlight's competitive benefits package allows employees to manage their personal and professional portfolios through a variety of features and programs. Our benefits include:
Health, Dental, Vision, and Flexible Spending AccountPaid Time Off (PTO)11 paid holidaysTuition Education AssistanceProfessional Development401(k) retirement planLife insurance and short- and long-term disability insuranceEmployee Referral ProgramMarketing Incentive Plans
DigiFlight, Inc. (DFI) is an Affirmative Action, Equal Opportunity Employer. DFI offers a highly competitive, family-oriented benefits package.
Performs comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls in accordance with NIST 800-53.
Principal Duties and Responsibilities (*Essential functions)• Review RMF Packages for completeness and technical accuracy.• Assess documented designs for compliance with NIST 800-53 and DOD related policies for on premise and cloud-based solutions• Perform Risk Assessment IAW with Army RMF 2.0 policy.• Review security design artifacts to determine the risk profile of the IA program to include System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), and other documents as needed.• Review information systems assurance and accreditation material• Provides recommendations for protecting networks, workstations, servers, and IT assets.*• Involved in conducting audits to ensure information systems security policies and procedures are implemented as defined in security plans and best practices. *• Additional duties include assist Vulnerability Disclosure Program (VDP) to perform investigation and provide mitigation information to the users when needed.
At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here.
Required Experience
Required Qualifications• Associate's Degree or a Bachelor's Degree in related field, or equivalent experience.• Minimum of 3 related certifications may be used in place of unrelated degree field.• Minimum of 4-7 years of work related experience.• Must be able to obtain a Security+CE certification, or equivalent, within 6 months of hire.• Prior experience with eMASS and RMF.• Strong written and verbal communication skills.• Secret DoD Security Clearance required; US Citizenship required.
Preferred Qualifications• Active Security+CE certification or equivalent.• Understand Risk Assessment methodology.