Cybersecurity Engineer (DSO)

Cybersecurity Engineer (DSO)

Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delight our customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel – and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more.

We are seeking a Cybersecurity Engineer (CSE) to support our DoD customer at Scott Air Force Base, IL. The CSE will support emerging Development Security Operations (DSO) in the modernization efforts of the Programs of Record through the selected Continuous Integration/Continuous Deployment (CI/CD) pipelines and facilitate overall implementation of required activities as well as interact with Risk Management Framework (RMF) and Security Control Assessment (SCA) teams providing support to the Enterprise.

Secure the development and operations of tenet applications hosted in the DSO platform. Direct support of the RMF process to provide Information Systems Security Managers (ISSM), Information System Security Officer (ISSO) and Area of Operations (AO) with the holistic, accurate risk assessment with the appropriate Data Security Operating Policy (DSOP). The CSE will be expected to accurately illustrate and report on assigned work. Finally, the DSO will be expected to report completed efforts through intentional metrics and qualified deliverables in a manner that accurately conveys their assessments, metrics and other related documents as required by the customer.

Duties and Responsibilities:

• Facilitate the overall implementation of DSO in supporting RMF activities
• Develop and maintain protection tools descriptions and mechanisms provided by cloud services provider and intermediate layers of security protections to the DSO platform
• Provide Security and Privacy Risk Assessment recommendations to the Government for approval or disapproval in support of DevSecOps risk management processes.
• Verify DSO platform is configured to protect cloud services and protection layers are operating adequately through observation of consoles, dashboards and reviewing reports
• Participate in forums and conduct risk-focused research and propose changes to the DSO platform, cloud services and intermediate layers that protect the DSO environment
• Assess impact and risks introduced to the platform, applications developed or hosted and determine if alternate solutions are available that provide similar capabilities with less risk
• Document processes and relay security-related data into the USTC SIEM analytics tools and other applications that monitor and detect potential malicious user/device behaviors
• Validate applications incorporated to on-premises and/or cloud-based DSO environments are obtained from approved sources
• Research and advise contract and other Government leadership on recently developed countermeasures built to protect command platforms and applications from new threats
• Evaluate data flows and interdependencies related to the tools within the DSO platform to identify opportunities for automating security-related data collection and analysis
• Develop guidance for tools that comprises the DSO platform like DISA STIGS which will be reviewed and modified when/if those tools are updated or replaced
• Collect information about underlying DSO environments and infrastructure to enterprise architecture databases, processes, data flow diagrams to related RMF controls and STIGS
• Collaborate with configuration management to ensure hardware and applications capture configuration management databases through associated approved changes prior to implementation

Basic Qualifications:

• Minimum of 5 years of direct related experience in the areas of Cybersecurity, RMF and DevSecOps
• Secret security clearance
• Must have and maintain IAM III certification
• Excellent written and verbal communication skills, demonstrating the ability to present material to senior DoD and non-DoD officials.
• Able to communicate effectively with senior leaders and customers to clearly present technical approaches and findings.
• BA/BS degree and at least 6 years experience in related field

All qualified applicants are considered for employment, and employees are treated during employment without regard to race, color, religion, sex, national origin, age, citizenship, disability, or Veteran status. Additionally, the company provides reasonable accommodations to qualified individuals with disabilities.