Senior Cyber Security Engineer

Title:

Belong. Connect. Grow. with KBR!

KBRs National Security Solutions team provides highend engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position your work will have a profound impact on the countrys most critical role protecting our national security.

KBR is seeking a Senior Cyber Security Engineer to join our team in Albuquerque NM. This is an excellent opportunity to join a small hand selected systems security engineering team defining the next generation of space communication systems supporting US Space Force and Space Systems Command (SSC) Advanced MILSATCOM Division (SZM). You will support Systems Engineering & Integration (SE&I) activities in a multidisciplinary and collaborative environment. You will work onsite colocated and closely integrated with the Government Customer.

Why Join Us

• Innovative Projects:KBRs work is at the forefront of engineering logistics operations science program management mission IT and cybersecurity solutions.
• Collaborative Environment:Be part of a dynamic team that thrives on collaboration and innovation fostering a supportive and intellectually stimulating workplace.
• Impactful Work:Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense.

Key Responsibilities:

• Serve as principal advisor on all matters technical and otherwise involving the security of information systems under your purview
• Develop and maintain a formal Information Security (IS) program and policies
• Develop and oversee operational information systems security implementation policy and guidelines
• Ensure System Administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks
• Participate in IT architecture design reviews to assess and ensure compliance with cybersecurity requirements
• Ensure cybersecurity principles are embedded in systems engineering efforts for ground and space systems
• Ensure periodic testing is conducted to evaluate the security posture of IS by employing various intrusion/attack detection and monitoring tools
• Integrate the Risk Management Framework throughout the system acquisition lifecycle
• Develop coordinate and implement cybersecurity strategies as a subcomponent of the Program Protection Plan
• Maintain a repository of all organizational or systemlevel cybersecurityrelated documentation (including ATOs) for IS under your purview
• Create review and assess RMF related artifacts for acceptable implementation of cybersecurity principles
• Evaluate and apply government cybersecurity (DoD NIST FIPS and CNSS) policies and instructions and provide timely and effective recommendations on system implementation to maintain or achieve compliance
• Conduct program and technical risk assessments to determine necessary cybersecurity protection measures and effectively advocate for resources as required
• Consult with customer and developers to provide solutions to challenging cybersecurity architectures and clearly articulate those solutions to leadership
• Interface with other government organizations during security evaluation of engineering design solutions
• Provide technical security evaluation support to the SCA during contractor assessment and authorization activities
• Integrate cybersecurity assessments into developmental and operational testing and evaluation plans
• Evaluate the continued effectiveness of implemented protection measures within the authorization boundary
• Ensure proper measures are taken when an IS incident or vulnerability is discovered
• Ensure data ownership and responsibilities are established for each IS and specific requirements (to include accountability access and special handling requirements) are enforced
• Ensure CM policies and procedures for authorizing the use of hardware/software on an IS are followed.

Work Environment:

• Location: Onsite
• Travel Requirements: Minimal
• Working Hours: Standard

Required Qualifications:

• Bachelors degree in Cybersecurity Engineering or a related scientific or technical discipline 3 years of work experience in Cybersecurity may be considered in lieu of Bachelors degree)
• 10 years of work experience in Information Assurance/Cybersecurity
• Experience as an ISSM ISSE or ISSM for a complex system
• Certified Information Systems Security Professional (CISSP) Certification or equivalent
• Ability to translate cybersecurity related policies and guidance into system requirements
• Experience with cybersecurity assessment and authorization processes such as the Risk Management Framework
• Familiarity with Zero Trust security strategies and architectures
• Understanding of common vulnerabilities and associated risk mitigation strategies
• Experience with cybersecurity policy and processes architectures testing and evaluation procedures
• Articulate complicated security concepts in crossfunctional planning coordination and task across the spectrum of systems engineering and integration activities
• With minimal oversight be able to sort through complex issues prioritize them accordingly advocate for resources and elevate to management as necessary
• Effective interpersonal and teambuilding skills to engage at both the engineer and management levels to build confidence and collaboration between team members
• Strong written and verbal communications skills
• Understanding of risk management principles and their application within an information system
• Experience with COMSEC key management and familiarity with cryptographic equipment lifecycle management concepts
• DoD 8570.01M IAT Level III approved cybersecurity baseline certification
• The ability to work in a secure confined location (i.e. SCIF)
• Must have an active TS/SCI clearance to be considered for this position

Preferred Qualifications:

• 15 years of work experience in Information Assurance/Cybersecurity
• Masters degree in Cybersecurity Engineering or a related scientific or technical discipline
• Computing Technology Industry Association Security Certification
• Understanding and experience in the acquisition life cycle for information systems
• Experience in security control evaluation testing and assessment in complex system environments
• Familiarity with security tools for implementing and assessing security compliance (e.g. SCAP STIGS ACAS)
• Experience deploying and maintaining a Security Information and Event Management system for a multiple operating system enterprise

Scheduled Weekly Hours: 40

Basic Compensation: $150000 $200000

The offered rate will be based on the selected candidates knowledge skills abilities and/or experience and in consideration of internal parity.

Additional Compensation:

KBR may offer bonuses commissions or other forms of compensation to certain job titles or levels per internal policy or contractual designation. Additional compensation may be in the form of sign on bonus relocation benefits short term incentives long term incentives or discretionary payments for exceptional performance.

Belong Connect and Grow at KBR

At KBR we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to and ongoing journey toward being a People First company. That commitment is central to our team of teams philosophy and fosters an environment where everyone can Belong Connect and Grow. We Deliver Together.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion disability sex sexual orientation gender identity or expression age national origin veteran status genetic information union status and/or beliefs or any other characteristic protected by federal state or local law.