Cybersecurity Engineer 2/3 at Scaled Composites, LLC
, United States
Job Descrption
Scaled Composites is seeking a Cybersecurity Engineer 2 or 3 to join our team of diverse and qualified individuals. As the complexity of cyber threats continues to evolve, we are seeking individuals with fresh perspectives and innovative thinking to support information systems lifecycle activities. Our approach to security encompasses a holistic strategy that integrates people, processes, and technology to address a wide range of cyber threats. We are in search of an experienced professional who can support process analysis, security certification testing, security documentation, investigations, software research, emerging technology research, inspections, and periodic audits relative to CMMC.
Category: Security
Location: Mojave, CA
Citizenship Required: United States Citizenship
Clearance Type: Secret
Schedule: 9/80 Work Schedule
Relocation Assistance: Relocation assistance may be available
Benefits: 100% Paid Benefits and 401k Matching
Summary:
Founded by legendary aircraft designer Burt Rutan, Scaled Composites is a 40-year-old aerospace company continually working to push boundaries, prove out ideas, and influence the future. We are a rapid prototyping and manufacturing facility, designing, building, and testing proof-of-concept and prototype vehicles. We have flown an average of one new aircraft type per year over our 40-year history such as Proteus, GlobalFlyer, SpaceShipOne, Model 401, and Stratolaunch.
Duties and Responsibilities include, but are not limited to:
Monitoring security requirements both technical and administrative on unclassified and classified systems.
Working with IT to ensure compliance with CMMC controls, such as asset management, audits, security awareness training, policy creation, incident response, media protection, risk management, system integration, and security assessments.
Continuously monitoring information systems and network activity to ensure information and data are safeguarded from external and internal threats.
Promptly reporting any detected threats, vulnerabilities, or deviations from established requirements. Construct a Plan of Action and Milestones for any identified deviations and monitor corrective actions until all actions are closed.
Collaborating with other departments and customers to develop tailored policies and procedures in support of the effort.
Obtaining and maintaining certification and accreditation packages for systems, to include patching and anti-virus updates at scheduled intervals.
Acting as an advisor to your team and co-workers for all security topics regarding information systems. Developing required cybersecurity training in your area(s) of responsibility.
Conducting self-inspections to ensure compliance with applicable requirements.
Participating in tabletop exercises to clarify roles and responsibilities during incidents, ensuring a swift execution of an established incident response plan.
Assisting with the creation and maintenance of security documentation (i.e. system security profiles, continuous monitoring reports, training records).
Required Qualifications:
Master's Degree with 3 years of experience; OR a Bachelor's Degree with 5 years of experience; OR an Associate's Degree with 7 years of experience; OR a High School Diploma/GED with 10 years of experience is required.
Must have a current DoD 8570 IAM level II (or higher) security certification (CASP, CCISO, HCISPP, CISM, GSLC, CISSP); OR must be able to obtain the certification within 6 months of start date.
Direct experience with Cybersecurity Maturity Model Certification (CMMC) requirements.
Candidates must have a current DoD Secret level security clearance (at minimum) or be able to acquire and maintain a DoD secret clearance.
Ability to obtain and maintain access to Special Programs as a condition of continued employment.
Working knowledge in Risk Management Framework.
Ability to interpret and apply controls from governing documents (Examples: NIST 800-171, JSIG).
Ability to independently organize and prioritize work to meet critical deadlines.
Excellent written and verbal communication skills.
Proficient user of Microsoft Office
Experience with Controlled Unclassified Information (CUI) protection requirements and related controls.
Preferred Skills and Qualifications:
Bachelor’s degree in Cybersecurity or Information Technology
Knowledge of ACAS, NESSUS, SPLUNK, SCAP, NIST, DIACAP, NISPOM, system audits, vulnerability scanning, and RMF package development.
Supervised or completed a CMMC self-assessment or participated in a third-party assessment.
Experience with developing and tracking POA&Ms.
JSIG system security package development is highly desirable.
Current Secret clearance with SAP/SAR access is preferred.
Essential Job Functions:
Requires mobility and the ability to bend and reach
May infrequently require lifting, carrying, pushing, and/or pulling materials weighing up to 30 pounds.
Manual dexterity and coordination are required; repetitive hand motion (e.g., to operate computer keyboard)
Vision at close distances and the ability to adjust focus for prolonged periods (i.e., computer screen)
Ability to remain sedentary or stationary for prolonged periods of time
Ability to write for extended periods of time
Ability to work in an office setting for prolonged periods of time
May be asked to carry up to 20 lbs. up and down a flight of stairs on a regular basis such as files, books, office equipment, etc.
Occasional reaching overhead and lifting up to 15 pounds
Ability to converse and communicate information with others
Occasional exposure to chemical vapors and/or fumes in low non-hazardous concentration
Potential to climb up and down steps on a daily basis