SSC/SZQ – System Cybersecurity Engineer with Security Clearance

at Apogee Engineering
Published November 29, 2022
Location CHEY Mountain Air Force Base, CO
Category Default  
Job Type Full-time  


Apogee is actively seeking a full-time System Cybersecurity Engineer to be located at Peterson SFB in Colorado Springs, CO. This position will be involved in managing and assisting with the full integration of cybersecurity into all phases of acquisition, upgrade, and modification programs, including design, development, testing, fielding, operation, sustainment, and assessment of Risk Management Framework (RMF) compliance. Why work with us? Apogee Engineering, LLC is a provider of research, engineering, operations, software, cyber, intel, training, technical services, financial and administrative expertise across an array of DOD and Federal Civilian customers. Our company was founded on the commitment of making a positive difference for our customers and our people. Apogee’s culture is infused with integrity and a passion for excellence, which has propelled us into the ranks of an elite small business company. Apogee is known for an unwavering dedication to our client's success, a warm and employee-centric work environment, and an enthusiasm to provide the right solution at the right time. What you will be doing: Provide direct support which shall enable the Strategic Warning and Surveillance System Division (SW&SS) to effectively execute, monitor and document cybersecurity efforts on architecture upgrades and sustainment efforts to include: * Support cybersecurity processes, procedures, and functions to include reviewing data, and assessing compliance of the cybersecurity posture for systems. * Provide cybersecurity A&A support services, assist the Government in preparing and reviewing system cybersecurity documentation related to operations to ensure satisfaction of Security Engineering and Assessment requirements (system control identification). * Provide support to the ECQN/Z program office security system engineering team during the system requirement definition, design, and implementation and testing phases of programs; ensure operating Assist, develop, prepare, and deliver to the Government compliant program management deliverables required to plan and contract for sensor and command and control systems in the SW&SS Division portfolio. * Provide oversight on the development and sustainment of the systems security posture of the systems and the Certification and Accreditation (C&A) / Authorization packages. * Ensure the Risk Management Framework (RMF) documentation defines security procedures for system users, administrators, and maintainers; ensure information system life-cycle responsibilities are documented to include responsibility for re-accomplishing risk analysis, security testing, and certification due to modification or changes to the systems; maintain C&A info in the Systems Compliance Database, Information Assurance Repository Directory website. * Security Authorization requirements, developing and enhancing the security risk posture, and analysis and reporting of Cybersecurity metrics, demonstrated expertise in security policy and implementation. * Utilize NIST 800 series special publications in the development of new system artifacts to ensure compliance with new RMF requirements and to interpret requirements as necessary to ensure system compliance or provide operational justification when deemed necessary * Document Authorization To Operate (ATO), (through ITIPS, eMASS, RMF, etc.); review Federal Information Security Management Act (FISMA) reports and coordinate updates as required for RMF packages to ensure the Investment Technology Investment Portfolio System (ITIPS) for the program is current; support the completion of all Cybersecurity taskers (Annual Control Validations, NC3 Cyber Updates, DoD CIO Scorecard, escalation briefings, etc.) * Provide technical expertise with systems engineering to ensure Information Assurance compliance and secure cyber posture with respect to availability, integrity, authentication, confidentiality, and non-repudiation. Assist with system design reviews and develop recommendations to secure and or mitigate the system architectures * Support the development and delivery of RFS proposals and/or Rough Orders Magnitude (ROMs) for initiatives as required * Works with the program office engineer team to review proposed new design and or software upgrades to ensure any changes to the system doesn’t degraded system * Focal point for validating systems patching plan and design of security into the technical solution. Develop or modify implementation and design documents describing how security features are implemented * Conduct assessment of Identity Solution according to guidance from NIST as described in Special Publication 800-63 What you will need: * Security Clearance Required: DoD Secret clearance * Bachelor’s degree with 8+ years of relevant systems cybersecurity experience or equivalent combination of education and experience * Must possess and maintain a DoD 8570 Information Assurance Management (IAM) Level II certification (CISSP, CAP, CASP+, CISM, GSLC, CCISO, or HCISPP) * Experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), and other DoD cybersecurity tools * Demonstrate excellent interpersonal skills, strong written, communication, oral presentations skills, and ability to lead group discussions. * Ability to problem solve and troubleshoot various situations to develop successful outcomes within established program/project guidelines Preferred Qualifications: * Experience working with Static Code Analysis tools * Working knowledge of architecture and design of solutions using cloud-based technologies or experience with Microsoft Azure, AWS, GPS or other cloud technologies * Proficient with a variety of DevOps tools and techniques * Knowledge of software development and systems development lifecycle practices, preferably in an agile development environment * Experience in software security testing, methodologies, and frameworks * Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. Compensation & Benefits: * The pay range for this position is $98,000 to $145,000 per year; however, base pay offered may vary depending on job-related knowledge, skills, and experience. This information is provided per the Colorado Equal Pay Act. Base pay information is based on market location. Applicants should apply via Apogee's careers site. * Apogee offers two medical plans, a high deductible health plan with a HRA and a traditional POS plan with co-pays, dental, vision, 401(k), life insurance, PTO, paid holidays, parental, military and jury duty paid leaves. Regular part time employees scheduled for twenty-four or more hours per work week are eligible for benefits on a pro-rated basis. * This position is eligible for a discretionary annual bonus.