Cybersecurity Engineer
Role details
Job location
Tech stack
Job description
The Cybersecurity Engineer is a mid-level cybersecurity professional responsible for managing and maintaining the cybersecurity posture of a Department of Defense (DoD) virtual desktop environment at a fixed facility in the Honolulu, HI area. This position is the primary cybersecurity subject matter expert for the program, with a focus on Risk Management Framework (RMF) compliance, Authorization to Operate (ATO) maintenance, STIG implementation oversight, vulnerability management, and continuous monitoring. Working under the direction of the IT Site Lead, the Cybersecurity Engineer ensures the system meets all applicable DoD IA/cybersecurity requirements and supports the program's ability to maintain an active, compliant ATO.
Key Responsibilities
RMF & ATO Management
Serve as the primary RMF practitioner for the program; manage all aspects of the system's ATO lifecycle including initial authorization, continuous monitoring, and reauthorization.
Develop, maintain, and update the system's RMF package in eMASS including System Security Plan (SSP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting artifacts.
Coordinate with the Authorizing Official (AO), SCA, and ISSM/ISSO representatives to support assessment activities and ATO decisions.
Track and manage all open POA&M items; coordinate with System Administrators, Network Administrators, and Engineers to drive timely remediation.
Ensure all system changes are assessed for security impact and processed through the appropriate change management and RMF review process.
Prepare and deliver required cybersecurity status reports and briefings to the IT Site Lead, OIC, and company leadership.
STIG Compliance & Vulnerability Management
Oversee and coordinate implementation of applicable STIGs across all system components including servers, workstations, network devices, and applications.
Conduct and coordinate vulnerability scanning using ACAS/Nessus and SCAP Compliance Checker; analyze results and prioritize remediation efforts.
Track STIG findings and vulnerability scan results; maintain accurate and current compliance documentation in eMASS.
Develop and maintain a vulnerability management program including scanning schedules, remediation timelines, and reporting cadence.
Review and validate STIG implementation by System Administrators and Network Administrators; provide technical guidance on remediation approaches.
Continuous Monitoring
Implement and manage the system's continuous monitoring strategy in accordance with NIST SP 800-137 and DoD continuous monitoring requirements.
Oversee audit log collection, review, and analysis; ensure anomalies and indicators of compromise are identified, documented, and escalated appropriately.
Ensure audit log retention practices comply with applicable DoD policies and ATO conditions.
Monitor threat intelligence feeds and security advisories; assess applicability to the system environment and coordinate response actions.
Conduct and coordinate periodic security control assessments to validate ongoing effectiveness of implemented controls.
Incident Response & Security Operations
Lead or support cybersecurity incident detection, response, and reporting in accordance with DoD incident response requirements.
Coordinate with the Site Lead, OIC, and appropriate DoD reporting channels for cybersecurity incidents and reportable events.
Develop, maintain, and exercise the system's incident response procedures.
Provide cybersecurity guidance and awareness to all team members.
Policy, Guidance & Training
Develop and maintain cybersecurity SOPs, policies, and guidance documents applicable to the system.
Provide cybersecurity training, awareness, and technical mentorship to system administrators and other technical staff.
Stay current with DoD cybersecurity directives, DISA guidance, and NIST publications; assess impact on the program and recommend policy updates., Normal operating hours are 0600-1800 local time. Extended or surge hours may be required in support of exercises or real-world operations. Schedule coordination is managed by the IT Site Lead.
Requirements
Do you have experience in Vuls?, Do you have a Bachelor's degree?, Demonstrated experience managing ATO packages in eMASS including SSP, SAR, and POA&M development and maintenance.
Proficiency with ACAS/Nessus, SCAP Compliance Checker, and DISA STIG Viewer.
Strong working knowledge of NIST SP 800-53, NIST SP 800-37, DoDI 8510.01, and applicable DoD cybersecurity policy.
DoD 8570/8140 IAT Level II compliance required minimum; IAT Level III or IASAE Level II strongly preferred.
Required certifications (one or more): CompTIA Security+ CE (minimum/IAT II), CISSP, CAP, CASP+ CE, or equivalent IAT III/IASAE II certification.
Preferred Qualifications
CISSP (Certified Information Systems Security Professional) strongly preferred.
CAP (Certified Authorization Professional) or equivalent RMF-specific certification.
Experience as an ISSO or supporting ISSO/ISSM functions in a DoD program.
Experience with continuous monitoring tools and SIEM platforms in a DoD environment.
Familiarity with VDI environment cybersecurity considerations and applicable STIGs.
Experience with DoD classified network environments (SIPRNet/NIPRNet).
Experience supporting operational military environments including exercises or real-world operations.
Required Education and Length of Experience
Bachelor's degree in Cybersecurity, Computer Engineering, Computer Science, Information Technology, or other related field
3+ years of experience in cybersecurity with direct, hands-on RMF experience in a DoD environment., This role will begin in July 2026. Candidates must be local to the site ready to begin work at that time.
U.S. Citizenship Requirements
Due to our contracts with the U.S. federal government and the requirement for a security clearance for this role, candidates for this position must be U.S. Citizens.
Clearance Type Required
Candidates must be able to maintain an active Top Secret with SCI eligibility security clearance (must be in-scope and adjudicated).