Technical Consultant- Cyber Security Engineering

Overview

This position plays a hands-on role securing systems that support critical Defense and Intelligence missions. This position is focused on applying risk management frameworks engineering security controls and maintaining system authorizations for cloud and on-prem environments.

Youll work closely with system engineers administrators and program teams to ensure systems are built assessed and operated in compliance with DoD and NIST requirements. From managing RMF and ATO packages to driving vulnerability remediation and system hardening this role is central to maintaining secure mission-ready systems throughout their lifecycle.

Esri has a Relocation Assistance Program and can provide support with relocating to the Vienna VA area for this position.

Responsibilities

• Apply RMF processes to support system Assessment & Authorization (A&A) including control selection implementation assessment and continuous monitoring
• Develop review and maintain security documentation such as SSPs POA&Ms SARs and ATO artifacts in tools such as XACTA or eMASS
• Conduct vulnerability assessments and compliance scans (such as ACAS) and track remediation of findings and IAVM requirements
• Implement and validate security controls aligned with NIST 800-53 CNSSI 1253 and related DoD guidance
• Support system hardening patching and configuration management in compliance with STIGs for Linux Windows and network devices
• Monitor systems for security events and supporting incident response and risk mitigation activities
• Assess security impacts of system changes and supporting configuration control boards (CCBs)
• Collaborate with system engineers administrators and DevSecOps teams to integrate security throughout the system lifecycle
• Provide cybersecurity risk input to program leadership Authorizing Officials (AOs) and stakeholders

Requirements

• 5 years of professional experience in a similar position supporting similar responsibilities
• Professional experience with RMF A&A POA&M and ATO documentation (XACTA/eMASS)
• Hands-on experience with vulnerability scanning and compliance tracking (ACAS IAVM)
• Experience securing Linux and Windows systems STIGs patching and system hardening
• Knowledge of NIST 800-series publications and incident response processes
• DoD 8570 IAT Level II or higher certification (such as Security CySA CISSP)
• Strong analytical communication and collaborative skills
• US citizenship with Active or Current (within 2 years of active) Top Secret Security Clearance with SCI eligibility
• Bachelors degree in Computer Science Cybersecurity Information Technology or STEM related field

Recommended Qualifications

• Scripting or development experience (Python Java React)
• DevSecOps tools and pipeline experience
• Experience with Linux (Red Hat/CentOS) databases web apps or big data platforms
• Familiarity with Agile environments and tools (Jira Confluence)
• Experience with NIST SP 800-171 and System Security Engineering (SSE)
• Masters degree in Computer Science Cybersecurity Information Technology or STEM related field

#LI-SS2

#LI-Onsite