RS21
Senior Cyber Security Engineer
RS21, Boulder, Colorado, United States, 80301
RS21 is a dynamic and rapidly growing company with 65+ employees doing good with data to make a significant impact. Our nine core values empower a culture of integrity, learning, risk-taking, creativity, and consistent improvement. We prioritize helping our team achieve a healthy work-life balance with flexible schedules and remote work options. As a testament to our exceptional culture, we were named a Fast Company Best Workplace for Innovators.
RS21 is seeking a seasoned Senior Cyber Security Engineer to join our team in a role embedded directly with our Federal partner. This position involves lending expertise in secure software development and database implementation at our Aurora campus, with occasional duties performed at our Federal partner's location in Boulder.
The successful candidate will bring a strong track record in implementing secure coding practices, including adherence to the Defense Information Systems Agency (DISA) Application Security and Development Security Technical Implementation Guide (ASD STIG). Experience with Python coding, database security, and a thorough understanding of the Risk Management Framework (RMF) process is essential for achieving successful Authorization to Operate (ATO). Proficiency with Continuous Integration / Continuous Deployment (CI/CD) pipelines and DevSecOps methodologies is highly valued, along with the ability to excel in a dynamic and agile environment.
Responsibilities:
Perform security analyses of software applications using both automated tools and manual reviews.
Integrate security tools and processes into DevSecOps pipelines.
Design and implement improvements to software analysis and continuous integration tools.
Conduct compliance scans, analyze results, and produce detailed reports.
Assist software developers in remedying security issues and in integrating security measures into system designs.
Clearance Requirement:
U.S. Citizenship with an active DOD Secret clearance is required; Top Secret/SCI Clearance is preferred.
Qualifications:
At least 5 years of experience in cyber security engineering, preferably with U.S. Government clients.
Bachelor's degree in Science, Technology, Engineering, or Mathematics (STEM).
Proficient with the Risk Management Framework, NIST standards, and application vulnerability management.
Experienced in programming languages such as C++, Python, JavaScript (or TypeScript), or Rust.
Skilled in the use of static code analysis tools and vulnerability discovery methods like fuzzing.
Required Certifications:
Must obtain Security+ certification upon start and meet DoD 8570.01 IAT-II requirements for a Linux environment.
Nice to Have:
Deep understanding of secure coding practices, with experience in DevSecOps pipelines.
Experience in application debugging, runtime instrumentation, and reverse engineering.
Familiarity with threat modeling tools like the MITRE ATT&CK framework.
Excellent collaborative skills and the ability to manage tasks efficiently.
#CJ RS21 is committed to transparent and fair compensation. The final salary within this range will be determined based on relevant experience.Comprehensive benefits include flexible paid time off, medical, dental, and vision insurance with a generous employer contribution to premiums for employees and their dependents, a 401k plan with a 3% employer safe harbor contribution, and more. Pay range $135,000—$160,000 USD
About RS21: RS21 is a rapidly growing data science company that uses artificial intelligence, design, data engineering, and modern software development methods to empower organizations to make data-driven decisions that positively impact the world. Our innovative solutions are insightful, intuitive, inspiring, and intellectually honest. With teams in Albuquerque, NM, Washington, DC, and distributed throughout the United States, RS21 is an Inc. 5000 fastest-growing company two years in a row and a Fast Company Best Workplace for Innovators
We help clients achieve programmatic goals, improve efficiencies, reduce costs, and maximize productivity using MOTHR, our AI engine, that allows users to seamlessly integrate data and reveal insights at hyper speed. We navigate complex data issues in the fields of healthcare, defense, safety, urban planning, energy, cyber, land use, climate, disaster preparedness, disaster recovery, space, and social equity.
The successful candidate will bring a strong track record in implementing secure coding practices, including adherence to the Defense Information Systems Agency (DISA) Application Security and Development Security Technical Implementation Guide (ASD STIG). Experience with Python coding, database security, and a thorough understanding of the Risk Management Framework (RMF) process is essential for achieving successful Authorization to Operate (ATO). Proficiency with Continuous Integration / Continuous Deployment (CI/CD) pipelines and DevSecOps methodologies is highly valued, along with the ability to excel in a dynamic and agile environment.
Responsibilities:
Perform security analyses of software applications using both automated tools and manual reviews.
Integrate security tools and processes into DevSecOps pipelines.
Design and implement improvements to software analysis and continuous integration tools.
Conduct compliance scans, analyze results, and produce detailed reports.
Assist software developers in remedying security issues and in integrating security measures into system designs.
Clearance Requirement:
U.S. Citizenship with an active DOD Secret clearance is required; Top Secret/SCI Clearance is preferred.
Qualifications:
At least 5 years of experience in cyber security engineering, preferably with U.S. Government clients.
Bachelor's degree in Science, Technology, Engineering, or Mathematics (STEM).
Proficient with the Risk Management Framework, NIST standards, and application vulnerability management.
Experienced in programming languages such as C++, Python, JavaScript (or TypeScript), or Rust.
Skilled in the use of static code analysis tools and vulnerability discovery methods like fuzzing.
Required Certifications:
Must obtain Security+ certification upon start and meet DoD 8570.01 IAT-II requirements for a Linux environment.
Nice to Have:
Deep understanding of secure coding practices, with experience in DevSecOps pipelines.
Experience in application debugging, runtime instrumentation, and reverse engineering.
Familiarity with threat modeling tools like the MITRE ATT&CK framework.
Excellent collaborative skills and the ability to manage tasks efficiently.
#CJ RS21 is committed to transparent and fair compensation. The final salary within this range will be determined based on relevant experience.Comprehensive benefits include flexible paid time off, medical, dental, and vision insurance with a generous employer contribution to premiums for employees and their dependents, a 401k plan with a 3% employer safe harbor contribution, and more. Pay range $135,000—$160,000 USD
About RS21: RS21 is a rapidly growing data science company that uses artificial intelligence, design, data engineering, and modern software development methods to empower organizations to make data-driven decisions that positively impact the world. Our innovative solutions are insightful, intuitive, inspiring, and intellectually honest. With teams in Albuquerque, NM, Washington, DC, and distributed throughout the United States, RS21 is an Inc. 5000 fastest-growing company two years in a row and a Fast Company Best Workplace for Innovators
We help clients achieve programmatic goals, improve efficiencies, reduce costs, and maximize productivity using MOTHR, our AI engine, that allows users to seamlessly integrate data and reveal insights at hyper speed. We navigate complex data issues in the fields of healthcare, defense, safety, urban planning, energy, cyber, land use, climate, disaster preparedness, disaster recovery, space, and social equity.