Cybersecurity Compliance Test Engineer - Senior - TGEB

ASTRION, INC.
Eglin Air Force Base, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Eglin Air Force Base, United States of America

Tech stack

Microsoft Windows
iOS
Automation of Tests
Unix
Computer Security
Databases
Linux
Network Security
Microsoft SQL Server
MySQL
NMap
Oracle Applications
Red Hat Enterprise Linux - RHEL
Web Applications
Wireless Networks
Nessus
Devsecops
Cisco networks

Job description

Astrion has an exciting opportunity for a Cybersecurity Compliance Test Engineer for the Cyber Test Group Contract, supporting the Air Force Division's 48th Cyber Space Test Squadron and the United States Space Force (USSF) group.

The Cybersecurity Test Team conducts security analysis and assessments on Air Force systems to better understand cybersecurity vulnerabilities, characterize security risks, and make recommendations on corrective actions.Position responsibilities can span from security control compliance, project management, and technical compliance testing to depending on skillset., * Agent to the Security Control Assessor for multiple Authorizing Officials (AOs)

  • Execute independent Security Control Validation for Air Force Systems
  • Conduct independent compliance assessments, data collection, test automation, and reporting
  • Utilizing cyber test tools and developing strategies for cybersecurity testing in DoD, Air Force and Space Force systems
  • Perform system security analysis on systems and/or software to understand and identify cyber vulnerabilities
  • Execute hands-on testing which include significant technical skills with multiple operating systems (Windows, Linux, Unix, Red Hat, Cisco, IOS (network)) as well as software/databases (SQL Server, Oracle, MySQL)
  • Provide technical guidance and cybersecurity expertise to test teams and the customer
  • Document and communicate test results effectively to technical and non-technical user groups in both written and oral formats
  • Test events are typically 1-2 weeks in length, with personnel currently spending 2-3 days in the office and 2-3 days per week teleworking, when not testing (travel up to 15-20 weeks per year, potentially to worldwide sites)

Requirements

  • Master's Degree and a minimum of 10 years of applicable experience. Additional experience may be substituted for education.
  • Must have or be able to obtain DOD 8570 IAT Level 3 certification (CASP, CISSP, etc.) within 6 months of hire, and maintain certification throughout employment.
  • An active DoD SECRET clearance and be able to obtain and maintain a Top Secret - (Single Scope Background Investigation) - US Citizenship is required.
  • Knowledge in the Cybersecurity Assess and Authorize (A&A) process to support DoD acquisition programs through the Risk Management Framework (RMF) process.
  • Significant knowledge of Windows and Linux Operating Systems.
  • Prior experience with web-based application security concepts., * Active DoD Top Secret clearance highly desired
  • Experience in cybersecurity testing and/or leading cyber test events.
  • Proficient in Windows and Linux Operating System.
  • Understanding of network security/engineering.
  • Knowledge of common wired and wireless network protocol structures.
  • Experience working in DevSecOps environment.
  • Experience assessing cloud-based enterprise(s).
  • Experience using tools like eMASS, DISA STIG Viewer, DISA STIGs, ACAS, NESSUS, Nmap.
  • Active DOD 8570 IAT Level 3 certification (CASP, CISSP, etc.) highly desired.

Apply for this position