Security Engineer

About This Role

Cydecor is seeking a Security Engineer to support the cybersecurity engineering and assurance of U.S. Navy combat systems. This role involves developing DoD Cybersecurity Assessment and Authorization (A&A) documentation, applying DISA STIGs, and executing vulnerability assessments for Navy afloat and tactical systems. The position requires strong expertise in computer security principles and DoD Cybersecurity policies to help Cydecor remain ahead of national security challenges.

Responsibilities

• Author DoD Cybersecurity Assessment and Authorization (A&A) artifacts
• Document systems from a cybersecurity perspective using Microsoft Office tools (Word, Excel, Visio) and other appropriate applications
• Derive, document, and/or identify system CONOPS for Mission Assurance Categorization in accordance with DoDI 8500.2
• Research and recommend logical and physical security solutions to ensure systems meet certification and accreditation requirements
• Apply DISA Security Technical Implementation Guides (STIGs) and NSA security recommendations
• Identify discrepancies between system builds, security requirements, and DoD policies; recommend corrective actions to achieve compliance
• Author and revise system requirements and specifications to meet DoD cybersecurity standards
• Perform vulnerability testing as both Red Team and Blue Team using manual techniques, ACAS, and other approved security tools
• Plan, execute, and document risk assessments against known vulnerabilities and exploit techniques
• Analyze connectivity relationships between U.S. Naval warfare systems and interfacing components, both physical and virtual
• Lead and perform duties as Information System Security Officer (ISSO) and act as the focal point for all information system security matters
• Develop and maintain an Information Assurance Vulnerability Management (IAVM) plan
• Plan, execute, and document security test procedures
• Assist with developing cybersecurity requirements, policy standards, best practices, and procedures for combat systems
• Conduct cybersecurity research and analysis supporting DoD cyber assurance and policy initiatives at multiple classification levels
• Participate in working groups to develop cybersecurity strategies addressing emerging threats
• Support system engineering design, risk assessment, threat analysis, and mitigation planning for Navy combat systems
• Develop or use Model-Based Systems Engineering (MBSE) models to perform cybersecurity analysis

Requirements

• 2+ years program-specific security engineering experience with Navy afloat/tactical combat systems OR 5+ years general security engineering experience
• Minimum IAT Level II or Level III certification per DoD 8570.01 (or successor) when performing as an ISSO or ISSE
• Final adjudicated Single Scope Background Investigation (SSBI) with IT Level-1 designation in JPAS for Privileged Users
• Strong understanding of computer security principles, military system specifications, and DoD Cybersecurity policies for both land-based and afloat/tactical systems
• Ability to communicate effectively and succinctly in both written and verbal formats

Qualifications

• Bachelor's degree desired
• Two (2) years of program-specific security engineering experience working with Navy afloat/tactical combat systems; OR Five (5) years of general security engineering experience

Nice to Have

• At least 2 of the last 5 years of engineering experience on Combat Weapons Systems (Aegis, SSDS, Zumwalt, or other Navy float tactical combat systems)
• Experience developing MBSE-based cybersecurity models or working with DoD system architecture frameworks (DoDAF)
• Prior Navy experience supporting A&A, risk management, or certification/accreditation activities
• Experience leading cybersecurity compliance assessments for shipboard systems

Skills

* Required skills

Benefits

Certifications