Cybersecurity Integration Engineer

Dark Wolf Solutions is seeking a Cybersecurity Platform Integration Engineer to support a fast paced highly innovative SDA project with the development of a cloud-based software factory for the BMC3 program. The system that you and your team will create will establish the capability to securely and rapidly field mission applications developed by BMC3 ecosystem participants for space vehicle platforms in support of Joint All Domain Command and Control (JADC2) objectives. This position will provide you with exposure to advanced security and automation practices, as well as the opportunity to work with highly skilled engineers and architects. Additionally, you will have the chance to mentor junior developers and leverage your leadership abilities. This team will be supported at a remote capacity out of Huntsville, AL. Responsibilities include, but are not limited to: 

• Provide engineering analysis, security recommendations for design implementation/operational execution
• Perform computer and/or network security vulnerability assessments to identify, evaluate and mitigate security risks, threats, and vulnerabilities utilizing SD Element
• Develop the Authorization & Assessment (A&A) BoE to meet DoD and Federal directives 
• Monitor security audit and intrusion detection system logs for system and network anomalies 
• Monitor technical access control methods to ensure the operational integrity of the system and data 
• Achieve CtFs or ATOs across multiple government customers with minimal oversight
• Conduct and manage continuous monitoring activities of assigned systems
• Partner with engineers to analyze software, interpret security requirements, and plan effective control implementations
• Provide outstanding customer service, policy expertise, and high-quality documentation
• Serve as the primary in-person point of contact for one or more U.S. Government customers on cybersecurity and compliance requirements and questions
• Perform vulnerability scans of networks to identify security vulnerabilities, provide remediation alternatives, and conduct security risk assessments to ensure compliance with corporate security policies and best practices
• Provide subject matter expertise and analysis to bridge the gap between high-level security requirements and policies and ensure their integration into information technology component products and information systems through purposeful security design or configuration
• Provide security consultation/guidance and engineering to PM product owners, customers, system owners, and developers, and maintain security process coordination within the Department's lifecycle management and governance process

Required Qualifications:

• 5+ years of experience using DoD Risk Management Framework (RMF) lifecycle (Step 1 – Step 6) for various information systems (single node to large (100+ node) heterogeneous architectures) 
• Knowledge of selecting and engineering security controls via NIST SP.800-190 
• Knowledge of selecting and engineering National Security System security controls via CNSSI 1253 
• Experience assessing the technical and administrative implementation of security controls in accordance with NIST.SP.800-190
• Working knowledge of the Enterprise Mission Assurance Support Service (eMASS) 
• Foundational experience applying security controls to Unix variants (i.e., Linux, Debian, etc.) ,Microsoft operating systems, Linux operating systems
• Knowledge of networking, software development, scripting languages, software integration, or related skills 
• Knowledge of networking protocols and understanding of security-related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, and access-lists 
• Knowledge of the DoD Security Technical Implementation Guides (STIGS), Security Requirements Guides (SRG), and industry best practices for various applications
• Certificate to Field (CtF) Policies
• US Citizenship and an active Secret Security Clearance

Desired Qualifications:

• Experience with Amazon Web Services (AWS) to include services such as VPC, EC2, IAM, S3, Lambda, CloudWatch
• Experience with Kubernetes and/or other container orchestration tools 
• Experience with Platform One or other DoD Software Factories
• Knowledge of the Atlassian Suite (Jira, Jira Service Management, Confluence) including front-end and administrative functions & its plugin structure
• Experience and knowledge of Software Composition Analysis (SCA) tools (e.g., Fortify, SonarQube, Prisma Cloud Compute)
• Experience with Infrastructure as Code (IaC) tools (e.g., Terraform)
• Experience with access management and client account technical support (SSO, Keycloak, Appgate)