Sr. Cybersecurity Engineer I (5688)

As Sr. Cybersecurity Engineer I, you’ll implement security controls and best practices to improve the security posture of enterprise applications. Spanning a portfolio of custom applications, cloud platforms, and COTS tools, you will serve as a security resource embedded with development and engineering teams throughout modernization efforts and compliance assessments.

We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you’ll do:

Cyber Security Design and Implementation

• Collaborate with application development, platform engineering, and customer engagement teams to review security implications for change requests and proposed enhancements.
• Configure security controls and best practices in accordance with applicable federal standards (e.g., NIST SP 800-53 rev. 5) and system/application-specific best practices (e.g., ServiceNow platforms, .NET applications, GitLab deployments, etc.)
• Contribute proactively to a close-knit, mission-driven security team to identify and mitigate risks to the customer’s broader system portfolio and critical assets.

Security Operations and Automation

• Identify, design, and implement solutions to improve security across the application portfolio with DevSecOps best practices, including SAST/DAST/IAST, IaC, robust vulnerability scanning, near-real-time threat detection, etc.
• Automate repeated tasks and core security functions to strengthen baseline posture and improve operational efficiency, using available low-code/no-code and RPA toolsets.
• Improve data collection, threat analysis, and continuous monitoring mechanisms to provide standardized insights into critical security indicators to security peers and government leadership through dashboards, reports, alerts, etc.

Compliance and Risk Management

• Collaborate with compliance officers, government leadership, and development teams to ensure compliance with federal security standards such as NIST 800-53, FedRAMP, and FISMA.
• Support ongoing compliance activities to achieve and maintain ATOs for assigned systems, including implementation support to move systems to the Department’s Ongoing Authorizations (OA) program.
• Implement data-driven and automated mechanisms to identify security risks or compliance issues for proactive remediation.

What you’ll need to succeed:

• An active Top Secret security clearance or higher
• Bachelor’s degree in Computer Science, Cyber Security, Information Systems, or a related field.
• Minimum 5 years of experience in cyber security engineering in federal environments.
• CompTIA Security+ and at least one additional security certification, such as CISSP, SSCP, GSEC, etc.
• Hands-on security engineering experience with at least one of the following tools/systems/environments:
  • ServiceNow
  • .NET applications
  • WordPress applications
  • Azure/GCP/AWS
  • UiPath
  • Unqork
  • GitLab
  • Atlassian suite
• Strong proficiency in providing security engineering support in the context of Agile practices and DevSecOps frameworks.
• Demonstrated expertise with at least some modern DevSecOps and security best practices, such as IaC, SAST/DAST/IAST, continuous monitoring, containerized applications, serverless architectures, etc.

Like we said, we are big fans of our people. That’s why we offer a generous benefits package, professional growth, and valuable time to recharge. Learn more about our company culture code and benefits. Plus, check out our accolades.

Don’t meet every single requirement? 

Studies have shown that women, people of color and the LGBTQ+ community are less likely to apply to jobs unless they meet every single qualification.  At MetroStar we are dedicated to building a diverse, inclusive, and authentic culture, so, if you’re excited about this role, but your previous experience doesn’t align perfectly with every qualification in the job description, we encourage you to go ahead and apply.  We pride ourselves on making great matches, and you may be the perfect match for this role or another one we have. Best of luck! – The MetroStar People & Culture Team

What we want you to know:

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

MetroStar Systems is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The statements herein are intended to describe the general nature and level of work being performed by employees and are not to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of MetroStar Systems.

Not ready to apply now?

Sign up to join our newsletter here.