Parsons Corporation Cybersecurity Cross Domain Solution Engineer in Colorado Springs, Colorado
Minimum Clearance Required to Start:
Ready for a challenge that will require your experience and keep you on the edge of cybersecurity? Take your Systems experience and lead teams that ensure security for our national defense systems. Parsons is now hiring experienced Systems Specialists with a passion for cybersecurity.
We are seeking a hands-on technical Cybersecurity Engineer (CSE) with a 'can do' attitude to join our high performing team in Colorado Springs in an agile fast-based environment. The CSE will provide subject matter expertise (SME) inputs and recommendations to system engineering teams throughout the program's lifecycle from requirement generation, to architecture, design, implementation, test, and system sustainment. The CSE is also responsible for developing, updating, and/or maintaining program of record cybersecurity technical design.
The right candidate will participate in hands-on designing of secured systems architecture deployed to DoD on-premise and Cloud secured architectures, hands-on securing Development/Test/Deployment environments, hands-on System Security Engineering, and assisting Information Systems Security Manager/Officer (ISSM/ISSO) Services throughout the system Assessment and Authorization processes.
This position will support the cybersecurity engineering, test, and integration for Space Ground Systems. Initiatives will focus on the cybersecurity aspects of system design to robustly deal with cyber-related disruptions, minimizing misuse and malicious behavior, while supporting the warfighting operational tempo.
Provide CSE support to the Assessment and Authorization (A&A) Risk Management Framework process on all client managed Cross Domain Solutions (CDS) systems, to ensure the valid and accurate review of all associated documentation; support remote sites when requiredConduct security engineering SME to the assessments on various CDS and Controlled Interfaces per DoD and IC requirements for the purpose of obtaining approval to operate
Accomplish risk assessments based on obtained Body of Evidence including risk, mitigations, recommendations for SAR's and POA&M's
Responsible for the Security Engineering technical delivery of ECDS new services and features
Assists in the deployment of CDS equipmentAssists in the installation of CDS software using automation tools such as Saltstack
Works with customers and various agile engineering disciplines to analyze operational needs, decompose requirements, generate cybersecurity functional requirements, and supports the agile development of robust security posture focusing on mission versus compliance.
Coordinates requirements with various agile teams to ensure appropriate security requirements are met across cloud and on-prem environments and validates solutions.
Works closely with system designers, operators, as well as industry to design security into products, develop new standards, and highlight requirement gaps to deliver systems into a long term strategically strong configuration.
Conducts threat analysis of systems
Evaluates the effectiveness of methods used to safeguard systems, devices, procedures, and information in computer.
Develops Security Test and Evaluation (ST&E) validation procedures, execute ST&E, and document results
Develops documentation, policy and procedures; Ports Protocols and Services Management (PPSM); system and network diagrams, descriptions, SOPs, review previous certification and accreditation documents; compile and generate RMF artifacts (ST&E results, etc.)
Provide system security engineering in accordance with the process, task, and activity guidelines established in DOD Instruction 8510.01 Risk Management Framework (RMF) for DoD Information Technology (IT)
Review program requirements, deliverables and activities to determine adequacy of information security architecture, define needed risk reduction activities, and operational monitoring/defensive capabilities. Implement cybersecurity and DoD RMF activities to integrate needed security capabilities across cloud and on-prem deployments. Design and conduct risk assessments to ensure fielded security capabilities are implemented properly and adequately provide resiliency against projected threat, key activities.
Required Education and Experience:
- 8+ years of relevant experience with a BS OR 12+ years of relevant experience with a AA/AS
Hands-on experience in computer networking concepts and protocols, and network security methodologies
Hands-on design and implementation of enterprise security servicesApplied experience administering Cross Domain Solutions
Experience with Operating Systems Security/hardening, particularly RHEL or CenOS 5/6/7/8
Experience designing secure web service-based technologies such as XML, XSLTs, Schema Validation, SOAP, REST, and related messaging protocols
Implementation and deployment using autonomic computing conceptsProficient knowledge of Unix/Linux and NCDSMO baselined CDS and filtering applications
Must possess current DoD 8570 IAT III level certification
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
Hands-on experience in conducting cyber threat analysis
Hands-on experience in information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
Hands-on experience in network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML)
Hands-on experience in secure configuration management techniques. (e.g., Security Technical Implementation Guides (STIGs)
Hands-on experience in network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
Hands-on experience in Confidentiality, Integrity, Availability levels and the NIST 800-53 controls associated with each level
Ability to produce technical documentation
Preferred Experience and Qualifications:
Security+ Current professional cybersecurity certification such as Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC),or Global Information Assurance Certification (GIAC)
Experience in information assurance, risk management or a related discipline
Working knowledge of a broad range of standards and frameworks - for example, NIST, Committee on National Security Systems (CNSS), RMF, International Standards Organization (ISO) 27001
Working knowledge of security and auditing cloud infrastructures such as Amazon Web Services, Microsoft Azure, Google Cloud Platform
Fuzz testing and static analysis tools experience
Satellite ground systems or satellite command and control experience
Familiarity with Air Force Satellite Control Network (AFSCN) Mission scheduling
Security Clearance Requirements: Active DoD Secret Security Clearance (or used within the past 2 years)
The anticipated annualized full time target compensation (median) for this position is: $120,000.00.Benefits for this position include: medical, dental, vision, paid time off, Employee Stock Ownership Plan (ESOP) and 401K.Must be able to obtain, maintain and/or currently possess a security clearance.
The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief.
Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBTQ+. All qualified applicants will receive consideration for employment without regard to an individual’s race, color, religion, national origin, ethnicity, union affiliation, age, sex, sexual orientation, gender identity and expression, pregnancy, employable physical or mental disability, veteran status, genetic information, immigration status, or any other basis protected by all applicable laws.