The DarkStar Group
Information Systems Security Engineer (TS/SCI + Poly) with Security
The DarkStar Group, Herndon, Virginia, United States, 22070
The DarkStar Group
is seeking an Information Systems Security Engineer with a TS/SCI + Poly clearance (applicable to this customer) to join one of our top projects in Herndon, VA.THE PROJECT
The DarkStar Group's team provides advanced Enterprise DevOps services for our customer's entire organization, as well as additional Intel Community agencies. This team is quite "popular" and regularly gets thanks and kudos from its internal customers, because it gets development teams the resources they need on the networks where they need them. A unique aspect of this effort is that it involves repository mirroring where development teams have low–side / unclassified work that can be mirrored to higher–security areas. Data pipelines, open source software, build dependencies, python packages, O/S packages, code repositories and more are involved in these "transfer pipelines". This group does not provide an ATO for systems, but they make it simpler for systems to get an ATO and make it easier for developers to do the work they need to do on customer networks.This is an exciting time on the project, because they are just beginning a complete rearchitecting of their products. Most of what exists consists of Python and bash scripts, Jenkins, and pipelines that were originally each built to do one specific thing. Band–aids and hard–coding have been common, and 5 years into this effort, it is refactoring time! They are moving toward using as many cloud service provider managed services as possible (AWS Lambda, containerization, etc.), and this work is just beginning. Much of the code this team works with is low–side, so it is a unique opportunity to work both low–side and high–side. As a result, the customer provides some ability to work from home: as an example, our Lead Engineer works remote 1 day per week. Work on this program takes place in Chantilly, VA (Some, but not all, roles offer PARTIAL REMOTE options at the customer's discretion) and requires a TS/SCI + Polygraph clearance (acceptable to this customer).THE ROLE
The DarkStar Group is seeking an Information Systems Security Engineer for a fast–paced DEVOPS, Cyber Security, and Engineering support environment. Candidate must have familiarity with the Assessment and Authorization (A&A) process and the Risk Management Framework (RMF), ability to research, translate, and help communicate risk information to the project teams and sponsors. Partner with client stakeholders to provide input and best practice recommendations to inform decision making on security solutions. Implement and support client–based security mitigations and solutions. The position will partner with other ISSEs and project teams to maintain ATOs and practice continuous monitoring across systems to ensure a strong security posture.Candidate must be able to analyze system configurations, scan results, and audit logs to meet sponsor compliance requirements and identify vulnerabilities and issues. The ideal candidate will have demonstrated experience supporting systems to policy compliance as well as ConMon requirements such as quarterly scanning, privileged user reporting, POAM management, and audit. The position requires a team player with good communication and documentation skills.Required Skills
Ability to develop, maintain, and help submit Assessment & Authorization (A&A) packages in accordance with the ICD 503 Rev. 4 policy and Risk Management Framework (RMF)Experience performing security engineering tasks and risk analysis on cloud–based systemsAbility to help provide proper guidance for the application of security controls across the full OSI model stackKnowledge of gathering bodies of evidence (BOE) and artifacts for security packagesPerform system analysis, system audits, system monitoring, security control assessment/testing, risk managementExperience reviewing vulnerability and compliance reports utilizing OS, Web, and DB scanning toolsExperience with auditing and monitoring systems utilizing various tools, such as Splunk or similar metrics solutionsAbility to perform continuous security monitoring and develop strategies for remediationDesired Skills (Optional)
Experience working with sponsor cyber assessments team on system assessmentsExperience working in the intelligence communityExperience with the sponsor's security tracking applicationsExperience reporting on status to stakeholders on security related tasks and issuesDemonstrated experience performing continuous security monitoring and developing strategies for remediationDemonstrated experience assisting with the design, engineering, and development of highly secure systems built upon Amazon Web ServicesExperience with MFA and ZTA environmentsPreferred Qualifications
CISSP, CEH, CISM, or similar industry certificationAbout The DarkStar Group
Our Company
The DarkStar Group is a small business that solves BIG problems. We're one of the Inc. 5000 fastest–growing private companies in the US, and our engineers and scientists support the most critical national security missions in Virginia, Maryland, and elsewhere. Data Science, Software Engineering, Cloud/AWS Infrastructure, and Cyber/CNO are our core areas of expertise. We offer interesting and important work, job security, some of the best and most flexible benefits you'll find in the IC, and salaries so strong that they'll likely surprise you.Our Benefits
The DarkStar Group offers exceptional compensation and benefits: very strong salaries; 100% company–paid medical, dental, and vision premiums for you and all dependents; the ability to get increased salary if you don't need medical/dental/vision; 100% company–paid disability and life insurance benefits; a generously–funded HSA; an 8% 401(k) contribution; 31 days of PTO/holidays to start (more with tenure); the ability to flex time across pay periods without using your PTO; a generous training budget; $25,000 employee referral bonuses; business development / growth incentives; and top notch company swag.We have a huge growth opportunity, so we are offering up to a $25,000 reward for anyone new you refer whom we hire. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr
is seeking an Information Systems Security Engineer with a TS/SCI + Poly clearance (applicable to this customer) to join one of our top projects in Herndon, VA.THE PROJECT
The DarkStar Group's team provides advanced Enterprise DevOps services for our customer's entire organization, as well as additional Intel Community agencies. This team is quite "popular" and regularly gets thanks and kudos from its internal customers, because it gets development teams the resources they need on the networks where they need them. A unique aspect of this effort is that it involves repository mirroring where development teams have low–side / unclassified work that can be mirrored to higher–security areas. Data pipelines, open source software, build dependencies, python packages, O/S packages, code repositories and more are involved in these "transfer pipelines". This group does not provide an ATO for systems, but they make it simpler for systems to get an ATO and make it easier for developers to do the work they need to do on customer networks.This is an exciting time on the project, because they are just beginning a complete rearchitecting of their products. Most of what exists consists of Python and bash scripts, Jenkins, and pipelines that were originally each built to do one specific thing. Band–aids and hard–coding have been common, and 5 years into this effort, it is refactoring time! They are moving toward using as many cloud service provider managed services as possible (AWS Lambda, containerization, etc.), and this work is just beginning. Much of the code this team works with is low–side, so it is a unique opportunity to work both low–side and high–side. As a result, the customer provides some ability to work from home: as an example, our Lead Engineer works remote 1 day per week. Work on this program takes place in Chantilly, VA (Some, but not all, roles offer PARTIAL REMOTE options at the customer's discretion) and requires a TS/SCI + Polygraph clearance (acceptable to this customer).THE ROLE
The DarkStar Group is seeking an Information Systems Security Engineer for a fast–paced DEVOPS, Cyber Security, and Engineering support environment. Candidate must have familiarity with the Assessment and Authorization (A&A) process and the Risk Management Framework (RMF), ability to research, translate, and help communicate risk information to the project teams and sponsors. Partner with client stakeholders to provide input and best practice recommendations to inform decision making on security solutions. Implement and support client–based security mitigations and solutions. The position will partner with other ISSEs and project teams to maintain ATOs and practice continuous monitoring across systems to ensure a strong security posture.Candidate must be able to analyze system configurations, scan results, and audit logs to meet sponsor compliance requirements and identify vulnerabilities and issues. The ideal candidate will have demonstrated experience supporting systems to policy compliance as well as ConMon requirements such as quarterly scanning, privileged user reporting, POAM management, and audit. The position requires a team player with good communication and documentation skills.Required Skills
Ability to develop, maintain, and help submit Assessment & Authorization (A&A) packages in accordance with the ICD 503 Rev. 4 policy and Risk Management Framework (RMF)Experience performing security engineering tasks and risk analysis on cloud–based systemsAbility to help provide proper guidance for the application of security controls across the full OSI model stackKnowledge of gathering bodies of evidence (BOE) and artifacts for security packagesPerform system analysis, system audits, system monitoring, security control assessment/testing, risk managementExperience reviewing vulnerability and compliance reports utilizing OS, Web, and DB scanning toolsExperience with auditing and monitoring systems utilizing various tools, such as Splunk or similar metrics solutionsAbility to perform continuous security monitoring and develop strategies for remediationDesired Skills (Optional)
Experience working with sponsor cyber assessments team on system assessmentsExperience working in the intelligence communityExperience with the sponsor's security tracking applicationsExperience reporting on status to stakeholders on security related tasks and issuesDemonstrated experience performing continuous security monitoring and developing strategies for remediationDemonstrated experience assisting with the design, engineering, and development of highly secure systems built upon Amazon Web ServicesExperience with MFA and ZTA environmentsPreferred Qualifications
CISSP, CEH, CISM, or similar industry certificationAbout The DarkStar Group
Our Company
The DarkStar Group is a small business that solves BIG problems. We're one of the Inc. 5000 fastest–growing private companies in the US, and our engineers and scientists support the most critical national security missions in Virginia, Maryland, and elsewhere. Data Science, Software Engineering, Cloud/AWS Infrastructure, and Cyber/CNO are our core areas of expertise. We offer interesting and important work, job security, some of the best and most flexible benefits you'll find in the IC, and salaries so strong that they'll likely surprise you.Our Benefits
The DarkStar Group offers exceptional compensation and benefits: very strong salaries; 100% company–paid medical, dental, and vision premiums for you and all dependents; the ability to get increased salary if you don't need medical/dental/vision; 100% company–paid disability and life insurance benefits; a generously–funded HSA; an 8% 401(k) contribution; 31 days of PTO/holidays to start (more with tenure); the ability to flex time across pay periods without using your PTO; a generous training budget; $25,000 employee referral bonuses; business development / growth incentives; and top notch company swag.We have a huge growth opportunity, so we are offering up to a $25,000 reward for anyone new you refer whom we hire. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr