• Program Protection and System Security Engineering experience to include support of accreditation activities.
• Experience with DOD 5200.39.
• Experience in DoD software selection and approval processes for COTS, GOTS and FOSS.
• Support security engineering activities, including basis of estimate development, requirements development, design, test, configuration management and maintenance of information systems and data.
• Assist program security in the development of policies and procedures for emerging security technologies.
• Support vulnerability assessment activities as required.
• Support the evaluation, qualification, testing and delivery of security architecture improvement, obsolescence replacement and vulnerability response projects.
• Experience with Security Testing and Verification
• Work is to be accomplished 100% onsite, in a lab environment, no options for remote support.

Required Qualifications:

• Education: Bachelor's Degree and minimum 12 years of prior relevant experience.
• Graduate Degree and a minimum of 10 years of prior related experience.
• In lieu of a degree, minimum of 16 years of prior related experience.
• Program Protection and System Security Engineering experience.
• Minimum of Collateral Secret security clearance required.
• Must be able to obtain and maintain a DOD 8140 certification (or NIST 800-181), appropriate for the position within 6-months of start.

Preferred Qualifications:

• Experience in Risk Management Framework (RMF) accreditation and authorization (A&A) processes to include RMF steps 1-4 (categorization, controls selection, control implementation, security assessment) and standard body of evidence (BoE) package development.
• Experience with A&A package processing.
• Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC.
• Experience in Model-Based Systems Engineering (MBSE).
• NSA Type 1 Certification of cryptographic high value products.
• Experience with NSA High Assurance products and IASRD requirements.
• Experience in the application of DISA SRGs and STIGs.
• Windows and Linux system administration skills.
• Experience in the content development and administration of SEIM/audit reduction tools (e.g., Splunk).
• DOD 8140 IASAE certification is desired.
• Strong understanding of engineering processes, concepts and information security systems engineering principles (NIST SP 800-160 Vol1).
• System test and evaluation methods and RMF assessment methodology & process.
• Experience in Cyber Defense technologies.
• Experience with CI/CD, agile system development, and DevSecOps tools and processes.
• Understanding of system vulnerabilities and exploitation.
• Top Secret / SCI with an active Poly is highly desired.

NA