Senior Cybersecurity Engineer
ODME Solutions, LLC
We Engineer Solutions that Deliver Results. Fast, Effective, and Efficient.
About ODME Solutions, LLC
ODME Solutions, LLC., is a Government contractor that provides talented Subject Matter Expertise in Engineering Services, C4ISR Systems Integration, Testing & Evaluation, Software Engineering and Development, Cybersecurity and information Assurance, Risk Management, Network and Cloud Engineering, and Configuration Management.
ODME Solutions, LLC is currently seeking a Senior Cybersecurity Engineer to join our team and provide support to our customer located in Pasadena, CA. The Senior Cybersecurity Engineer will provide technical leadership and operational expertise for the design, deployment, operations and monitoring of classified information systems.
Primary Duties and Responsibilities for this position include:
- Report to the cognizant Information Systems Security Manager (ISSM) within the Information Technology Service Directorate and closely coordinate with system owners and information technology experts to assess and verify security control baselines and ensure their technical implementations meet applicable standards; sustain Continuous Monitoring reporting.
• Maintain and configure Security Event and Incident Monitoring (SEIM) tools and endpoint protection applications; identify anomalies and lead incident response, mitigation, and reporting.
• Maintain vulnerability management process to include information system scan configurations, scan analysis, and vulnerability prioritization and mitigation efforts to reduce system risk to acceptable levels.
• Interface with other cybersecurity and information technology staff to coordinate Assessment and Authorization activities to include developing and maintaining System Security Plans (SSP), Security Controls Traceability Matrix (SCTM), and Plan of Action and Milestones (POA&M) with supporting Bodies of Evidence and other artifacts.
• Conduct data transfers between information systems of varying security levels in accordance with the applicable standards and processes.
• Apply cybersecurity and IT knowledge to develop, execute, and monitor plans for zero-day vulnerabilities, emergent requirements, and other short-notice taskings as directed by the ISSM.
- Experience with Government, Risk and Compliance (GRC) tools such as ServiceNow’s GRC module and eMASS.
• Familiarity with secure coding practices and coding languages to include C++, Python, and MATLAB.
• Advanced expertise configuring and tuning vulnerability scanning, SEIM, and endpoint protection applications such as Nessus, Splunk, and McAfee.
Minimum Basic Requirements for Skills, Experience, Education and Credentials include:
- You must be a U.S. citizen with an active Top Secret SSBI clearance and Sensitive Compartmented Information (SCI) eligible with an active Counter Intelligence Polygraph.
- Bachelor’s degree with a minimum of 2-4 years of related cybersecurity experience; Master’s degree with a minimum of 1-2 years of related experience; or additional related experience in lieu of BS/MS degree. Possess at least one of the Department of Defense (DoD) 8570 IAT Level II workforce certifications.
- Experience with system hardening, configuration testing, continuous monitoring, and scanning using any of the following tools or related tools and applications to include their configuration and tuning to achieve optimal results: Nessus, Splunk, and McAfee.
- Experience working across operating systems to include Windows and Linux environments.
- Working knowledge of system functions, security policies, technical security safeguards, and operational protective measures.
- Experience implementing Intelligence Community Directive (ICD) 503 and Risk Management Framework (RMF) principles, system Assessment and Authorization, National Institute of Standards and Technology (NIST) Special Publications including 800-53 and Federal Information Processing Standard (FIPS) Publications 199 and 200.
- Knowledge of security concepts and best practices such as defense in-depth, least privilege, need-to-know, separation of duties, access controls, and encryption.
- DoD 8570 IAT III or IAM II Compliant: CompTIA, ISACA, (ISC)2, or GIAC certification.
ODME Solutions, LLC shall, in its discretion, modify or adjust the position to meet ODME’s changing needs.
This job description is not a contract and may be adjusted as deemed appropriate in ODME’s sole discretion.