Cybersecurity Engineer

B CORE LLC
St. Louis, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 139K

Job location

Remote
St. Louis, United States of America

Tech stack

Microsoft Windows
Amazon Web Services (AWS)
Systems Engineering
Bash
Cloud Engineering
Computer Security
Information Systems
Computer Networks
Linux
Fault Tolerance
Information Security Management
IT Management
Intrusion Detection Systems
Information Systems Security Architecture Professional
Python
Network Troubleshooting
Log Analysis
Network Architecture
Powershell
Red Hat Enterprise Linux - RHEL
Cloud Services
Security Information and Event Management
Software Engineering
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Computer Networking Systems
Load Balancing
Cloud Platform System
In-Plane Switching (IPS)
Cyber Threat Analysis
Tanium Platform Expertise
Integration Tests
Information Technology
Performance Monitor
Splunk
Devsecops
Security Orchestration, Automation & Response
Plan of Action and Milestones

Job description

At Bcore, our strength comes from how we deliver impact to the mission. Whether it's architecting critical IT solutions, producing actionable intelligence, or developing cutting edge technology, we succeed because of the expertise, collaboration, and agility of our teams. Our Mission Services division combines enterprise IT, cloud solutions, DevSecOps, systems engineering, software development, and operational support. Bcore accelerates decisive advantage for warfighters and intelligence professionals by fusing human insight, rapid-fire engineering, precision-measured outcomes, and relentless grit into mission-ready solutions.

Do you want to join a team that is building tailored technical solutions to modernize our government's mission and our client's business? Do you have a desire to change how people work? Are you interested in helping to protect our nation's cyber interests? Join our growing team as a Cybersecurity Engineer, supporting the NGA customer mission.

What you get to do every day:

This role is responsible for implementing and maintaining cybersecurity controls across enterprise infrastructure, including Windows, Linux, network, virtualization, and cloud environments. The successful candidate will execute RMF continuous monitoring activities, implement STIGs, remediate vulnerabilities, manage POA&Ms, and support Assessment & Authorization (A&A) efforts in accordance with NIST SP 800-53, ICD 503, and DoD security requirements. This is a hands-on technical role requiring experience hardening systems, responding to security findings, supporting enterprise security tools, and collaborating with infrastructure teams to maintain a secure, compliant, and resilient operating environment.

Specific Duties and Responsibilities:

  • Act as the representative of the Information System Security Manager (ISSM), ensuring compliance with DoD and Intelligence Community (IC) information security policies, procedures, and directives.
  • Support efforts to operate, maintain, and dispose of information system materials in accordance with RMF, NIST, ICD 503, and applicable security directives, policies, and System Security Plans (SSPs).
  • Implement and maintain Security Technical Implementation Guides (STIGs) across Windows, Linux (RHEL), network, virtualization, and cloud environments to ensure compliance with DoD security requirements.
  • Execute technical remediation activities to address security findings identified through ACAS, STIG reviews, vulnerability scans, and security assessments.
  • Manage assigned Plan of Action and Milestones (POA&Ms) by implementing technical solutions, validating remediation efforts, documenting completion evidence, and supporting POA&M closure.
  • Support RMF continuous monitoring activities by implementing required security controls, maintaining A&A documentation, and ensuring compliance with NIST SP 800-53 and ICD 503 requirements.
  • Generate and implement required cybersecurity awareness training, ensuring users understand their security responsibilities prior to system access.
  • Initiate protective and corrective measures when security incidents, vulnerabilities, or compliance issues are identified.
  • Ensure IA hardware, software, and operating systems comply with approved security configuration guides and organizational security baselines.
  • Implement and enforce IA policies and procedures as defined by RMF authorization packages and A&A documentation. .
  • Ability to work on multiple projects simultaneously in a dynamic, fast-paced, team-oriented environment.
  • Perform Operations & Sustainment (O&S) functions for enterprise network security infrastructure, including firewalls, web gateways, mail gateways, IDS/IPS, load balancers, performance monitoring tools, and management systems.
  • Perform maintenance, hardening, patching, and advanced configuration of security infrastructure to protect enterprise networks from emerging cyber threats.
  • Support and secure Cloud Infrastructure, including AWS-based technologies.
  • Utilize enterprise security tools such as ACAS, HBSS, Carbon Black, Tanium, RedSeal, and related cybersecurity platforms.
  • Conduct forensic network traffic and log analysis to investigate incidents, isolate issues, and respond to analyst alerts.
  • Respond to escalated cybersecurity and infrastructure troubleshooting requests.
  • Maintain and administer network infrastructure standards, documentation, and fault-tolerant configurations.
  • Present monitoring, testing, compliance, and remediation results and reports as required.
  • Perform and support integration testing, security validation, and operational readiness activities.
  • Develop automation and scripting solutions using PowerShell, Bash, Python, or similar languages to improve security operations and compliance.
  • Collaborate with systems, network, and cloud engineering teams to implement secure architectures and operational best practices.
  • Participate in special projects as required.

Requirements

Clearance Required: Active TS clearance (with SCI Eligibility) and eligibility to obtain CI Poly

Certification Preferred: DoD 8570/8140 compliant certifications such as Security+, CISSP, CAP, or CASP+

Education/Experience:

  • Requires Bachelor's degree in Computer Science, Engineering, Cybersecurity, Information Technology, or a related technical discipline, or an equivalent combination of education, technical training, or relevant military/work experience
  • 5-10 years of experience supporting Information Assurance, Cybersecurity, Information System Security Officer (ISSO), or Cybersecurity Engineering functions within DoD or Intelligence Community environments., * Experience implementing and supporting the Risk Management Framework (RMF) throughout the system lifecycle.
  • Strong knowledge of NIST SP 800-53, ICD 503, and DoD cybersecurity policies.
  • Hands-on experience implementing, maintaining, and remediating Security Technical Implementation Guides (STIGs) across Windows, Linux (RHEL), network, virtualization
  • Experience executing technical remediation activities for vulnerabilities identified through ACAS, STIG compliance reviews, and other vulnerability management tools.
  • Experience writing, maintaining, and closing Plan of Action and Milestones (POA&Ms), including documenting remediation evidence and validating corrective actions.
  • Experience implementing and maintaining Assessment & Authorization (A&A) documentation and supporting RMF continuous monitoring activities.
  • Experience with security tools such as ACAS, HBSS, Carbon Black, Tanium, RedSeal, or equivalent.
  • Experience installing, hardening, deploying, documenting, and troubleshooting network perimeter security technologies.
  • Experience scripting with Unix/Linux (RHEL), Bash, Python, and PowerShell.
  • Strong analytical, troubleshooting, documentation, and communication skills.
  • Ability to work independently while managing multiple priorities in a fast-paced environment.

What is ideal?

  • DoD 8570/8140 compliant certifications such as Security+, CISSP, CAP, or CASP+.

  • Experience supporting NGA TESR

  • Experience supporting Intelligence Community Assessment & Authorization processes.

  • Experience with security automation and Infrastructure-as-Code.

  • Experience with enterprise SIEM platforms such as Splunk or Elastic.

  • Intelligence Community Experience preferred

  • Recognizing great achievements do not go unnoticed by bcore through service anniversaries, spot awards, and employee referral bonuses

  • You'll join a growing organization of passionate, top-shelf, IT engineering professionals with extensive experience in actively developing the technology revolution in the Intelligence community

Benefits & conditions

  • The expected salary range within the Washington, DC metropolitan area is: $113,000-$139,000. Final compensation is unique to each individual and will be determined based on factors such as experience, education, geographic location, and contractual requirements. This is not a guarantee.
  • Benefits include Health/Dental/Vision, 401(k), Paid Time Off, STD/LTD/Life Insurance/Voluntary Life Insurance, Stipends, Referral Bonuses, and more.

Apply for this position