Cybsersecurity Engineer

Sonalysts, Inc. is seeking an experienced Cybersecurity Engineer with critical thinking skills capable of developing and implementing security controls for classified network systems. Candidates should have familiarity with U.S. Department of Defense (DoD) systems and knowledge of Information Assurance policies and procedures. Knowledge of U.S. Air Force and/or Space Force related security procedures or systems is a plus.

Submission Deadline: May 20, 2026

Prompt responses are encouraged because the deadline could be accelerated or delayed if, in our judgement, either is warranted.

What you will be doing:

• Working onsite at our campus in Colorado Springs, CO

• Design, develop, and implement security controls to preserve confidentiality, integrity and availability of information systems

• Integrate security configuration procedures and tools on Windows and Linux platforms

• Evaluate requirements, select/implement security controls, create and/or review installation procedures, conduct verification and validation of test procedures and script changes, tailor and configure security controls for specific product use, tailor platform hardening, implement application software and/or Operating System vulnerability patches, draft overall security assessment plans, prepare test procedures, perform security tests, and perform security vulnerability assessments using Assured Compliance Assessment Solution (ACAS) and/or Tenable

• Identify issues and recommend solutions for remediation to the software development team

• Identify issues, recommend, and develop solutions for enhancing current processes

• Participate in assessment and authorization activities with various government authorities and authorization agents to obtain and maintain official system Authorization to Operate (ATO)

• Provide security control guidance to the customer that is in compliance with the Risk Management Framework (RMF) and the respective Cognizant Security Office

• Completing security DoD and Information Assurance (IA) training as required

• Input data into the Enterprise Mission Assurance Support Service (eMASS) system

• Perform vulnerability scans, analyze results, and implement system remediation

• Day-to-day server and network operations: installing, configuring, upgrading software, troubleshooting and resolving network/computer/peripheral issues

• Verify accuracy and completion of security procedures, documents, and forms

• Assist with classified spills/incident response or other security-related incidents

• Must be a U.S. citizen, eligible for a U.S. Department of Defense (DoD) SECRET security clearance*

• Bachelor's degree in Computer Science, Information Technology, or related technical field or 4 years' of equivalent related experience

• Minimum 3 years of experience providing information assurance or cyber security development support for system development, * Ability to work in a fast-paced environment and a desire to learn new systems and software/hardware tools

• Excellent written and verbal communication skills

• Possessing an active U.S. Department of Defense (DoD) security clearance*

• Hold current DoD Cyber Workforce certification(s) (e.g., Security+ or equivalent certification(s)) or have the ability to obtain certification within 6 months of employment

• Five years of experience providing information assurance or cyber security development support for system development

• Experience with the eMASS system

• Experience following DoD IA doctrine (RMF); and/or the National Industrial Security Program Operating Manual (NISPOM) and/or NIST SP 800 series publications.

• Strong understanding of NIST SP 800-53 Rev 4 and/or Rev 5 controls and familiarity with the development and tailoring of system policies, procedures, and documentation to security control requirements.

• Knowledgeable in the use of scripting languages/tools to automate information system administration and security functions (Shell Script, PowerShell, Python, etc.)

• Experience with applying security hardening techniques and procedures on information systems (Linux/Windows, network infrastructure, firewalls, MFA, etc.)

• Experience with vulnerability scanning tools and techniques (Nessus/ACAS, Nmap, Eye Retina, Nexpose, Metasploit), STIG/SCAP, Security Information and Event Management (SIEM) tools and techniques.

Obtaining a U.S. Government security clearance involves a comprehensive background check. Candidates are eligible for a clearance if they have demonstrated sound financial management (including good credit) over time, are free of criminal records, have limited foreign contacts or ties, and other factors indicative of a position of trust to protect information sensitive to the U.S. Government.

Tuition reimbursement, AD&D insurance, 401(k), Health insurance, Paid time off, Dental insurance, Flexible spending account, Disability insurance, * Salary ranges between $80,000-$115,000, dependent on experience, qualifications and other relevant business criteria. There are no bonuses, commissions or other compensation unique to this job.

• Opportunity to challenge yourself (learn and grow) intellectually as technologies advance.
• Working on challenging and innovative projects.
• General benefits for full-time employees are described below.

• Flexible Work Schedule
• Paid Time Off, including Sick or Personal Time Off account and Vacation and Holiday account
• Educational Reimbursement Program
• Sonalysts Employee Stock Ownership Plan (ESOP)
• Sonalysts Retirement and Savings (401(K)) Plan
• Our health benefits include:

o Comprehensive medical coverage offered through a High Deductible Health Plan with a national network of providers. A Health Reimbursement Account (HRA) is offered, which is used in conjunction with the High Deductible Health Plan. o Life accidental death and dismemberment insurance o Dental coverage o Short-term disability insurance o Long-term disability insurance o Medical and dependent care flexible spending accounts