QTEC Aerospace
CYBERSECURITY ENGINEER
QTEC Aerospace, Colorado Springs, Colorado, United States, 80509
QTEC Aerospace is seeking a CYBERSECURITY ENGINEER to join our team of professionals in Colorado Springs, CO. The successful candidate will become part of a team of professionals representing both industry and government in support of a Missile Defense System (MDS) with a mission of protecting the United States and our allies. The successful candidate will be detail oriented, have a proven track record and a positive work ethic.
Job Summary
QTEC Aerospace is looking for highly capable and motivated individuals. The successful candidate will function as an integral member of a multi-contractor team providing program, engineering, and technical support to Missile Defense programs.
Job Duties/Responsibilities
Responsibilities will include, but may not be limited to the following:
Process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, perform annual validation of accounts, and work with the system administrator to create, modify, and remove accountsAssess systems and networks within a virtual environment and identify where those systems deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations, such as compliance audits using STIG Viewer, SCAP, etc., and active evaluations, such as vulnerability assessments utilizing ACASPerform Security Technical Implementation Guide (STIG) assessments and hardening for both Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment utilizing ConfigOSDevelop test plans reflecting how STIG checks are implemented and be able to show expected outcomes of those checksUpdate Risk Management Framework (RMF) artifact documentation to ensure system hardening non-compliant is tracked and remediatedEstablish strict program control processes to ensure risk mitigation and support obtaining system assessment and authorization. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.Assist in the implementation of the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, participating in and documenting process activitiesPerform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguardsSupport program test milestones through pretest preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorizationPrepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABO), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M)Periodically review each program support and operational system's audits and monitor corrective actions until all actions are closedCoordinate across the program to address identified deficiencies during RMF assessment activitiesMinimum Education and Experience
Bachelors degree in Engineering with at least 5 years of experience or equivalent years of experienceIAT Level II/ IAM Level I DoDI 8570 certification (e.g., Sec+ CE or similar)Required Knowledge, Skills and Abilities
Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.)Understanding and utilization of Enterprise Mission Assurance Support Service (eMASS)Understanding of Risk Management Framework (RMF) Cybersecurity Lifecycle to include identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, providing analysis of vulnerability analyses, and conducting verification testing for compliance assessmentKnowledge of Software Assurance (SwA) static and dynamic code analysis (e.g. Fortify)Excellent verbal and written communication skills, including ability to collaborate with cross-functional teams, and prepare and brief presentations to the customer as neededSelf-starter with ability to work both independently and in a team environmentDesired Knowledge, Skills and Abilities
Windows and Red Hat Enterprise Linux (RHEL) system administration skillsPrevious background working in a virtual environmentPrevious background working with dockers and containersAdminister ACAS and ESS (formally HBSS)Previous experience with ConfigOS
Security Clearance
Candidates must currently have and be able to maintain a minimum DoD TOP SECRET level security clearance.
Salary Range
$82,000 - $161,000
Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results.
Benefits
QTEC Aerospace offers a variety of benefits including healthcare, dental, vision, life and disability insurance, 401(k) retirement plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. Employees may choose among the offered benefits to design the best benefits package to suit their individual or family needs.
Location
Colorado Springs, CO
It is the policy of QTEC, Inc. not to discriminate on the basis of gender, age, race, religion, disability, veteran status or any protected statuses and to take affirmative action to employ and advance in employment qualified individuals within the company.
Job Summary
QTEC Aerospace is looking for highly capable and motivated individuals. The successful candidate will function as an integral member of a multi-contractor team providing program, engineering, and technical support to Missile Defense programs.
Job Duties/Responsibilities
Responsibilities will include, but may not be limited to the following:
Process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, perform annual validation of accounts, and work with the system administrator to create, modify, and remove accountsAssess systems and networks within a virtual environment and identify where those systems deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations, such as compliance audits using STIG Viewer, SCAP, etc., and active evaluations, such as vulnerability assessments utilizing ACASPerform Security Technical Implementation Guide (STIG) assessments and hardening for both Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment utilizing ConfigOSDevelop test plans reflecting how STIG checks are implemented and be able to show expected outcomes of those checksUpdate Risk Management Framework (RMF) artifact documentation to ensure system hardening non-compliant is tracked and remediatedEstablish strict program control processes to ensure risk mitigation and support obtaining system assessment and authorization. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.Assist in the implementation of the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, participating in and documenting process activitiesPerform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguardsSupport program test milestones through pretest preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorizationPrepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABO), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M)Periodically review each program support and operational system's audits and monitor corrective actions until all actions are closedCoordinate across the program to address identified deficiencies during RMF assessment activitiesMinimum Education and Experience
Bachelors degree in Engineering with at least 5 years of experience or equivalent years of experienceIAT Level II/ IAM Level I DoDI 8570 certification (e.g., Sec+ CE or similar)Required Knowledge, Skills and Abilities
Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.)Understanding and utilization of Enterprise Mission Assurance Support Service (eMASS)Understanding of Risk Management Framework (RMF) Cybersecurity Lifecycle to include identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, providing analysis of vulnerability analyses, and conducting verification testing for compliance assessmentKnowledge of Software Assurance (SwA) static and dynamic code analysis (e.g. Fortify)Excellent verbal and written communication skills, including ability to collaborate with cross-functional teams, and prepare and brief presentations to the customer as neededSelf-starter with ability to work both independently and in a team environmentDesired Knowledge, Skills and Abilities
Windows and Red Hat Enterprise Linux (RHEL) system administration skillsPrevious background working in a virtual environmentPrevious background working with dockers and containersAdminister ACAS and ESS (formally HBSS)Previous experience with ConfigOS
Security Clearance
Candidates must currently have and be able to maintain a minimum DoD TOP SECRET level security clearance.
Salary Range
$82,000 - $161,000
Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results.
Benefits
QTEC Aerospace offers a variety of benefits including healthcare, dental, vision, life and disability insurance, 401(k) retirement plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. Employees may choose among the offered benefits to design the best benefits package to suit their individual or family needs.
Location
Colorado Springs, CO
It is the policy of QTEC, Inc. not to discriminate on the basis of gender, age, race, religion, disability, veteran status or any protected statuses and to take affirmative action to employ and advance in employment qualified individuals within the company.