Cyber Security Engineer

About Arcticom, LLC Offering a broad range of information technology solutions, Arcticom, LLC provides network and systems administration, enterprise architecture and resource planning, certification and accreditation, software design, programming, maintenance of telecommunications and land mobile radio equipment and systems, help desk support and IT transformation services among other services. Arcticom offers impressive performance that is routinely recognized with exceptional ratings and commendations tied to installation successes. Satisfied Bering Straits Native Corporation (BSNC) family customers include the U.S. Air Force, Army, Navy, Coast Guard, the Departments of State, Justice, Commerce, Agriculture, Interior, Homeland Security, the General Services Administration, the Defense Logistics Agency and the U.S Census Bureau. About this position: Cyber Security Engineer in Dayton, OH The Essential Duties and Responsibilities are intended to present a descriptive list of the range of duties performed for this position and are not intended to reflect all duties performed within the job. Other duties may be assigned. To perform this job successfully, an individual must be able to satisfactorily perform each essential duty. The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of the position. Wage/Salary Range: 180,000 – 200,000 Applicants will be notified via email or phone within ten business days regarding application status. Essential Duties & Responsibilities Identify efforts of development and cyber security teams to build and maintain VITL-BMA applications Collaborate with the Office of Naval Research (ONR) to implement and sustain VITL-BMA efforts Monitor security controls as they are incorporated into the VITL-BMA application/programs Ensure system security measures comply with applicable government policies Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system Provide advice and guidance to technical team and client regarding adherence to Federal and DoD Cybersecurity regulations and policies including the Risk Management Framework (RMF) as well as document implementation in Security Controls Tractability Matrix (SCTM) Conduct policy reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional Research, configure, analyze and/or use software applications for security vulnerability monitoring, security automation and alerting Identify policy conflicts and recommend possible mitigations or solutions Maintain awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges Regulatory Compliance: Stay up-to-date with relevant cybersecurity frameworks, regulatory standards (FISMA, NIST, etc.), and security best practices. Ensure that security posture aligns with current government and industry compliance requirements. Incident Response and Reporting: Report cyber incidents to the ISSM/ISSO and participate in incident response activities and investigations, supporting the Incident Response Team lead as required. Training and Awareness: Provide guidance and support to system owners and other stakeholders on RMF processes, system security requirements, and risk management practices. Documentation and Reporting: Develop and maintain comprehensive documentation including System Security Plans (SSPs), Risk Assessment Reports (RAR), and POA&Ms (Plans of Action and Milestones). Provide detailed risk assessments, audit reports, and authorization packages to senior leadership. Use MCCAST as the official Marine Corps Governance, Risk Management, and Compliance (GRC) tool to build and maintain system packages and authorizations. Required (Minimum Necessary) Qualifications Education Requirements: Bachelor’s Degree Computer Science or Information Technology or relevant work experience Level of Experience Requirements: 5+ years’ experience in government cyber security, preferably with RMF and ATO Must qualify for DoD Directive 8140.01’s (722) Must be a US Citizen Experience in the following tools highly preferred: SailPoint IdentityIQ CyberArk PAS Radiant Logic PingIdentity Knowledge, Skills, Abilities, and Other Characteristics Security Test Plan Knowledge Gather, analyze Security Test Results (STIG checks, scans, manual tests) Advocate for appropriate IA design decisions for N-Tier architectures Ability to evaluate, build and implement policies and security processes as well as suggest solutions, compromises and improvements. Excellent time management skills Excellent communications skills (written & oral) Expert ability to summarize complex information and communicate at appropriate levels Experience in PERSEC, COMSEC and/or program security roles Experience using any, or all, of the following tools (Preferred): Fortify SonarQube Jira Confluence Preferred Working knowledge of the Agile Development methodology (Preferred) Necessary Physical Requirements The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this role. Employees must always maintain a constant state of mental alertness. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking or standing for prolonged periods of time; most of time is spent sitting in a comfortable position with frequent opportunity to move about. Work Environment The work environmental characteristics described here are representative of those that must be borne by an employee to successfully perform the essential functions of the role. Employees must always maintain a constant state of situational awareness. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Job is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse, and multi-line telephone system. The work described herein is primarily a modern office setting. Occasional travel may be required. Supervisory Responsibilities This position will not have supervisory responsibilities. DOT Covered/Safety-Sensitive Role Requirements This position is not subject to federal requirements regarding Department of Transportation “safety-sensitive” functions. Additional Qualifying Factors As a condition of employment, you will be required to pass a pre-employment drug screening and have acceptable background check results. If applicable to the contract, you must also obtain and maintain the appropriate clearance levels required and must also be able to obtain access to military installations. Shareholder Preference BSNC gives hiring, promotion, training, and retention preference to BSNC shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job. Bering Straits Native Corporation is an equal opportunity employer. All applicants will receive consideration for employment without regard to any status protected by state or federal law, or any other basis prohibited by law.