Think Beyond The Label Jobs


Job Information

Scientific Research Corporation Sr Cyber Security Engineer in Colorado Springs, Colorado

Sr Cyber Security Engineer

Location: US-CO-Colorado Springs
ID: 2025-9771
Category: Cyber Security
Position Type: Regular Full-Time

Salary Statement

Estimated Starting Salary Range: USD $115,000.00/Yr. - USD $191,650.00/Yr. Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data.

Description

SRC is searching for a well-rounded Mid-Level Cybersecurity Engineer to test, analyze, evaluate, validate, and verify cybersecurity requirements for these systems to support the installation requirements for United States Space Command (USSPACECOM) command and control facilities. Work supporting USSPACECOM will be conducted at the government's facilities in Colorado Springs, CO.

Duties & Responsibilities include:

- Provides risk management and IT security services: Information Assurance (IA) support, and RMF Assessment & Authorization (A&A)
- Serves as a technical liaison between senior management, technical experts/engineers, and other stakeholders for Cybersecurity to facilitate: Plans of Action and Milestones (POA&M) maintenance and milestone tracking (mitigation statements), creation of diagrams, software and hardware lists, POA&Ms, Risk Assessment Reports (RARs), Special Publication (SP), System Security Plan (SSP), Ports, Protocols, and Services Management (PPSM), and A&A packages
- Manages RMF accreditation process from cradle to grave. Develops RMF package(s) for legacy and modernized IT architecture pursuant to Authorizations to Operate (ATO) for designated DoD systems. Leads RMF transition from DoD Information Assurance Certification and Accreditation Process (DIACAP).
- Develops and maintains RMF documentation: Implementation Plans, POA&Ms, and RARs in order to obtain and maintain
- Manages Information Assurance Vulnerability Management (IAVM) program. Ensures compliance with DoD issuances, USCYBERCOM tasking orders (TASKORDs), IA Vulnerability Alerts (IAVAs), and DISA Security Requirements Guides (SRGs) and Security Technical Implementation Guides (STIGs)
- Ensures computing environment is postured to minimize vulnerabilities and risk against cyber threats (e.g. malware, viruses): validates system security settings, risk monitoring, IA controls and countermeasures are in accordance with DoD standards
- Validates IA control requirements based on Committee on National Security Systems Instruction (CNSSI) 1253 / National Institute of Standards and Technology (NIST) 800-53, and USSPACECOM policy & documentation
- Performs RARs, vulnerability assessments, analyzes/interprets results from Assured Compliance Assessment Solution (ACAS) scans, Security Content Automation Protocol (SCAP) scans
- Collaborates with engineers and developers to create or modify authorization boundary diagrams, as well as hardware and software lists
- Conducts vulnerability assessments of information systems and mitigates/remediates the results
- Builds trust with customers and fosters a focus on Cybersecurity with team members/stakeholders

FILLING THIS POSITION IS CONTINGENT UPON FUNDING

Requirements

- 5+ years combined cybersecurity experience holding one or more of the following roles: ISSE, ISSO, and/or Security Control Assessor Representative (SCA-R).
- Minimum of 5 years of IT-related experience demonstrating competency with (1) attention to detail, (2) customer service, (3) oral communication, and (4) problem solving.
- Bachelor's Degree (e.g. Cybersecurity, Engineering, Computer Science, or related IT fields) and Active DoD 8570 Level II Certification (e.g. Security+ CE, CCNA, etc.)

Desired Skills

- Knowledgeable with demonstrated cybersecurity experience in Risk Management Framework (RMF) including the following: DoDI 8500 series, NIST SP 800 series, CNSSI, and FIPS series
- Experience with ACAS, SCAP, and DISA STIGs/SRGs
- Assessment & Authorization (A&A) Policy Development
- Knowledgeable with Facility Related Control Systems (FRCS)/Industrial Control System (ICS) Compliance
- Skilled in the use of Enterprise Mission Assurance Support Service (eMASS) and/or XACTA
- Knowledgeable with Supply Chain Cyber Risk Management (SCRM)
- Skilled in compliance reporting with known vulnerabilities from alerts, advisories, errata, and bulletins
- Skilled in network security architecture concepts including topology, protocols, components, and principles with focus on producing deliverables in accordance with PPSM registration requirements and RMF processes
- Skilled in discerning the protection needs of information systems and networks with focus on identifying, tailoring, implementing, and testing RMF security controls, with practical mitigation statements
