As a Systems Security Engineer III (SSE) at SNC, you will be at the forefront of safeguarding our systems throughout the acquisition lifecycle. You will play a critical role in ensuring the highest standards of cybersecurity and Information Assurance (IA) solutions for SNC and our valued customers. Your expertise will be pivotal in maintaining the confidentiality, integrity, and availability of our systems. By collaborating closely with system owners, administrators, engineers, and program managers, you will ensure that cybersecurity controls are effectively implemented and maintained throughout the system lifecycle. Join our dynamic and fast-paced environment, where your contributions will make a significant impact!
The Mission Solutions and Technologies (MST) business area provides affordable, turn-key command/control, communications, integrated ISR, force protection and security solutions worldwide. The MST team has a long legacy of supporting the Department of Defense, Department of Homeland Security, commercial and international customers with years of experience in platform operations, engineering and full lifecycle management across domains – air, land, sea, space and cyber. https://www.sncorp.com/company/business-areas/
Responsibilities:
Perform System Security Engineering (SSE) and Cybersecurity/IA job functions: establish and validate system boundaries; ensure comprehensive documentation of information systems, functionalities, data governance, and adherence to compliance standards and processes; collaborate with cross-functional teams to validate security requirementsDevelop and manage security documentation in support of NIST 800-171 compliance activities, including System Security Plans (SSPs), Plans of Action & Milestones (POA&M), software and hardware inventory, network diagrams, INFOSEC policies, and configuration management processes, ensuring audit readinessProvide input to CMMC documentation: Systems Security Plan (SSP), Plan of Action & Milestones (POA&M), Software/Hardware Inventory, Network diagrams, INFOSEC Policies and Procedure, Risk Assessment Report, and Configuration ManagementIntegrate security requirements: ensure cybersecurity requirements are effectively incorporated into information systems throughout the Systems Development Life Cycle (SDLC) using methodologies such as Agile and DevSecOps; implement secure design, architecture, and coding practices, with continuous feedback loops for ongoing security enhancementsConduct security risk assessments: perform detailed risk assessments, including threat modeling and penetration testing, to identify vulnerabilities and tailor security controls to protect systems and information; stay updated with emerging threats and vulnerabilities to continuously enhance risk assessment practicesLead configuration management: oversee the configuration management process, providing expert guidance during system development and acquisition to ensure security compliance; utilize tools such as ServiceNow and CMDB for effective configuration management and conduct regular audits and compliance checksCoordinate compliance activities: conduct periodic and ad-hoc validation and security control assessments, ensuring ongoing compliance with NIST 800-171, corporate policies, program contracts, and all specific identified requirementsEnhance technical cybersecurity/IA skills: maintain and continuously develop your technical skillset in cybersecurity and information assurance, focusing on areas such as IT enterprise environments, cloud security, incident response, and system architecture reviewsPeriodic travel to SNC, customer, and partner facilities to support program and business-wide activitiesFollow SNC policies, processes, and procedures for all technical activitiesPunctuality to work each day and prepared to work scheduled work hoursOther duties as assignedMust-haves:
Bachelor's degree in Systems Security, Network Engineering, Information Technology, or related Engineering discipline and typically 6 years of relevant experienceRelevant experience may be considered in lieu of required educationDoDD 8140 IAT Level II *Required within 6 months of hireStrong communication skills; ability to translate complex cybersecurity information into quantifiable business risk and communicate risk effectively to business and executive leaershipCisco, Microsoft, Linux, Azure/Cloud or other technical certifications a plusKnowledge of technical standards relating to systems security; UNIX, Linux, and Windows administration, experience with large-scale servers and large-scale enterprise IT environments, virtualization and containerization, cloud computing (Azure preferred), secure network architecture, cybersecurity stack experience (web filtering, SSL inspection, DLP, antivirus, firewalls, PCAP, SIEM, etc.)Solid understanding of at least one security framework (preferably NIST 800-171), NIST 800-53 second preferredAbility to balance cybersecurity requirements with SNC’s mission, goals, and cultureStrong critical thinking and problem solving skills; self-motivated with ability to effectively prioritize multiple projects; ability to work with people in a team environment and flexibility through learning and adaptationAbility to manage time, make sound decisions, take independent action, analyze problems and provide focused solutionsHigh degree of attention to detailPreferred:
ISSM CAP, CISSP, or CISM CertificationISSE CAP, CISSP-ISSEP CertificationCISSP, Security+, ISSO Security+, CISA, or CASP+ CertificationMCSE, Linux, and/or CCNP Security CertificationAzure cloud certifications, or other relevant cloud certification Other relevant IT and/or technology certificationEstimated Starting Salary : [95,298.10 USD Annual]
SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more.
IMPORTANT NOTICE:
This position requires the ability to obtain and maintain a Secret U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.Learn more about the background check process for Security Clearances.
SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We’re known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation’s most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!
As an Equal Opportunity Employer, we welcome our employees to bring their whole selves to their work. SNC is committed to fostering an inclusive, accepting, and diverse environment free of discrimination. Employment decisions are made without regarding to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran or other characteristics protected by law. Contributions to SNC come in many shapes and styles, and we believe diversity in our workforce fosters new and greater ways to dream, innovate, and inspire.