Cybersecurity Engineer, Senior

Who We Are.

At CMIT, we do more than provide real-world solutions. We deliver transformative results. Through cutting-edge technology and process innovations, we are changing how federal and commercial clients worldwide deliver their mission. A service-disabled veteran-owned small business, we take pride in serving our nation through exemplary support for our clients and employees alike.

CYBERSECURITY ENGINEER, SENIOR

Currently, we are seeking a motivated, career and team-oriented Senior Cybersecurity Engineer in support of the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Continuous Diagnostic & Mitigation (CDM) Data Services Program. The CDM Data Services Program is a critical component of CISA's national effort to ensure the defense and resilience of cyberspace.

The CDM Data Services Program mission is to provide a standardized platform to collect, transform, and integrate cybersecurity data from relevant authoritative data sources into a coherent data, delivering actionable information into Agency and Federal Dashboards to identify risk areas in support of mitigation as well as to facilitate coordinated agency and national response to cyber-threats.

This is a remote position where the candidate can work from any location within the United States provided, they are able to work on an eastern time zone schedule.

Responsibilities

• Conduct full development lifecycle of data that includes requirements from DHS, other OMB initiatives, and provide support for the whole program.
• Build a new data automation practice on the program to address our client's most pressing needs with Cyber Security Threats and Data.
  
• Install, configure, and support COTS cybersecurity solutions to include Tenable.SC, Forescout, BigFix, Tanium, SCCM / MECM, and other such tools on "on-prem" virtualization platforms manually and via ansible automation
• Utilize strong Operating System level ability to configure, secure, and automate tasks on the command line interfaces of Linux and Windows
• Configure and maintain SaaS based cyber tools such as Crowdstrike, MS Defender for Cloud, MS Intune, etc.
• Work in a multi-functional team to assist in the development of Ansible and Terraform automation scripts to automate the deployment of lab-based analogs of production environments in order to produce cybersecurity data feeds
• Apply security lock downs (STIGs) to operating systems and software via automated means
• Work in an environment which employs CICD, DevSecOps, and Infrastructure as Code (IaC) principals
• Ensure cyber data on lab endpoints is being generated by cybersecurity tools to meet specific data field requirements in our logical data model
• Perform research and analysis on COTS cybersecurity solutions to determine the efficacy both as a security tool as well as a data source.
• Quickly learn new and unfamiliar tools, technology, and software utilizing vendor documentation and research methodologies
• Coordinates and supports the transition of new capabilities to Operations in accordance with the DHS SELC lifecycle, Agile SAFe methodology and in coordination with ManTech software testing
• Supports and observes software testing activities to meet task order requirements
• Recommends, creates, and follows documented methods and practices to deliver effective, efficient, and professional Operations support
• Maintains the confidentiality, integrity, and availability of data across physical and logical solution boundaries in multi-Agency environments
• Participates in regular reviews with the Innovation Team
• Ability to follow Procedures, Processes, and Escalation gates
• Ensure that system security requirements are addressed throughout the Project and system lifecycle
• Ensure effective controls, countermeasures, processes are in place and optimized to maintain a strong Organizational and system security posture.
• Participate in technical discussions to elicit and communicate technical resource requirements
• Plan, perform and verify the implementation of updates, patches, and routine maintenance to the Development Lab
• Identify gaps and bottlenecks in the presentation and reporting of data generated by cyber tools
• Prioritize and perform advanced troubleshooting activities, including rapid installation and configuration of test systems.
• Perform miscellaneous administrative support functions as directed by the Program Resource Lead, Personnel Security Officer, and/or Program Management Office Director

Education/Certifications Required

• Bachelor's Degree complete or in progress preferably in applied mathematics, statistics, computer science, data science, electrical engineering, physics, or closely related field or relevant experience in place of a degree

Desired Certifications

• Cloud platform certifications (AWS, Azure)
• Security certification such as Security+, CASP, CISSP
• Tool certifications such as Tenable Security Center Specialist, Tanium Certified Administrator, ServiceNow Certified System Administrator etc.

Qualifications Required

• 9+ overall years of related experience
• Bring a consultative approach to data to improve the value of the data that's being collected by our customers.
• Be a thought leader in the practice of Big Data in solving our clients' cyber security problems, coupled with demonstrated experience designing and developing enterprise data solutions for large clients
• Experience with scripting languages like Python, Bash, Powershell
• Hands on experience installing and maintaining at least one of the following: Tennable.SC, Forescout, Tanium, Bigfix, Axonius and other tools in the CDM portfolio
• Experience with application deployment automation via Ansible
• Familiarity with infrastructure as code concepts used by Ansible and Terraform
• Strong Linux CLI (BASH) ability
• Windows administrative ability
• Proven ability to analyze complex problems, theorize root causes, and develop creative solutions.
• Understanding of REST API authentication types, knowledge of REST methods, and ability to mine APIs to meet data requirements.
• Proven ability to analyze complex problems, theorize root causes, and develop creative solutions.
• Experience with database query languages like SQL, T-SQL, KQL
• Proficient at queries, report writing and presenting findings
• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
• Experience understanding organizational needs, proposing solutions, and managing project execution efforts designed to deliver overall program benefits for Government Agencies
• Experience in conducting assessments of an Enterprise by reviewing technical documentation, conducting interviews and workshops to identify gaps and develop a tailored solution is highly desired.
• Demonstrated interest in security solution design using existing as well as emerging technologies to deliver enterprise solutions.
• Familiarity with cloud concepts in Azure and AWS

Additional Skills

• Demonstrated ability to investigate data and present findings to internal teammates and client audiences.

Clearance Requirements

• Must be a US citizen and pass a background investigation.
• Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD)

Who Makes It Happen.

At CMIT, we firmly believe that our innovative solutions are only as powerful as the teams harnessing them. Our people are more than just contributors - they are at the heart of everything we do and every success that we earn. Our employees are offered ample options to design a personalized benefits package that best meets their needs. Options include:

• Medical / Rx
• HSA / FSA
• Dental & Vision
• Life / AD&D
• Long & Short Disability
• Disability Insurance
• Accident Insurance
• Critical Illness
• Hospital Insurance
• Pet Benefits
• Education/Training Program
• 401k Retirement
• Generous Paid Time Off
• Flexible Parental Leave
• Volunteer Time Off
• Flexible Work Locations
• Alternative Work Schedules

CMIT provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

COVID-19 Safety Protocols: To protect the health and safety of its employees and to comply with customer requirements, employees in certain positions may be required to be fully vaccinated against COVID-19 or subject to facility entry safety protocols (e.g., testing, masking, physical distancing), subject to the status of the federal contractor mandate and customer site requirements.