Cyber Security Engineer, Journeyman

KAIROS Inc

  • Saint Inigoes, MD
  • $110,000-130,000 per year
  • Permanent
  • Full-time
  • 1 day ago
  • Apply easily
KAIROS, Inc. is searching for an energetic, experienced, and highly motivated Cyber Security Engineer, Journeyman to join our team. This position will be on-site at NAWCAD WOLF St. Inigoes, MD.Established in July 2013, KAIROS, Inc. is a growing Woman Owned Small Business (WOSB) providing full life cycle Cybersecurity, Program Management, Systems Engineering, and Training and Education services focused on optimizing customers’ program performance and mission through proven methodologies and ethical practices. Our headquarters is in California, MD, near Naval Air Station Patuxent River. We offer competitive salaries and benefits with outstanding growth potential.This position will be responsible for working with the engineering team in designing, implementing, and maintaining security measures to protect organizational systems and networks from cyber threats. The individual will have demonstrated knowledge to plan, implement, upgrade, test, or monitor security measures for the protection of systems, computer networks, and information. The individual in this position will be integrated as a member of the engineering team working with hardware, software, firmware, and test engineers to ensure alignment and compliance with the Risk Management Framework (RMF) for DoD Systems (DOD Instruction 8510.01). This position will ensure the RMF process integrates with the system life cycle and system security engineering processes. The position will ensure the program initiates or updates RMF activities during system inception (e.g., documented during requirements identification) and for any significant system modifications (e.g., engineering changes). This position will assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.Primary Duties:
  • Work closely with electrical, software, and systems engineers to ensure cybersecurity is integrated throughout the system development lifecycle.
  • Participate in design reviews to ensure security requirements are incorporated into system architectures and interface definitions.
  • Assist in preparing documentation and evidence for RMF (Risk Management Framework), NIST, and other cybersecurity compliance efforts.
  • Create and maintain secure configurations for operating systems, firmware, and embedded devices used in engineering projects.
  • Conduct threat modeling exercises for engineering systems and propose mitigation strategies aligned with mission requirements.
  • Translate customer cybersecurity requirements into actionable engineering tasks and ensure traceability throughout the development process.
  • Plan, implement, upgrade, test, or monitor security measures for the protection of systems/subsystems, computer networks, and information.
  • Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.
  • Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.
  • Develop and deploy security protocols and systems to safeguard sensitive data and prevent unauthorized access.
  • Regularly assess and test the organization's security measures to identify vulnerabilities and ensure compliance with security standards.
  • Provide training and guidance to employees on security best practices and protocols to minimize human error vulnerabilities.
Skills and Qualifications:
  • Systems Engineering Awareness: Understanding of systems engineering principles and how cybersecurity integrates with requirements, design, verification, and validation.
  • Embedded Systems Security: Familiarity with securing embedded systems, firmware, and hardware interfaces (e.g., UART, SPI, I2C).
  • Secure Software Development: Knowledge of secure coding practices and software assurance techniques, especially in C/C++ and Python.
  • Configuration Management: Experience with version control systems (e.g., Git), secure build environments, and CI/CD pipelines.
  • Documentation and Reporting: Ability to produce clear, concise documentation for security controls, risk assessments, and audit findings.
  • Cross-Functional Communication: Skilled in translating technical security concepts for non-security stakeholders, including engineers and program managers.
  • Technical Experience: Strong knowledge of computer networks, systems, and applications, along with an understanding of associated vulnerabilities and threat landscapes.
  • Problem-Solving Skills: Excellent analytical and problem-solving abilities to identify, analyze, and mitigate security risks effectively.
  • Proficiency with Security/Validation Testing Tools: Experience with security/validation testing tools to include vulnerability scanners (Nessus), Static Code Analyzers, Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and Evaluate-STIG.
  • Proficiency with Security Technologies: Experience with security technologies such as firewalls, intrusion detection systems, and encryption methods.
  • Required Certifications: Security+ CE
  • Ability to lead the execution of complex tasks, when applicable.
  • Strong customer relations, analytics, and documentation skills.
  • Self-starter, highly motivated, strong work ethic with a commitment to quality.
  • Microsoft Office proficiency.
  • Ability to work within a challenging, fast-paced, team-oriented environment
  • Ability to work independently
  • Ability to multitask and meet competing, deliverable deadlines
  • Detail oriented
  • Excellent interpersonal and customer service skills
  • Excellent verbal and written communication skills to provide clear status and/or communicate issues
  • Ability to adapt to evolving technology
Desired Skills and Certifications:
  • Familiarity with the Risk Management Framework (RMF).
  • Familiarity with programming languages (e.g., Python, Java, or C++) for developing security solutions and automating tasks.
  • Relevant certifications, including but not limited to CompTIA CySa+; COMPTIA Project+; IT Infrastructure Library (ITIL); CompTIA Network+; CompTIA A+, CGRC, CEH, CASP+, CompTIA PenTest+, and CISSP.
  • Familiarity with Anti-Tamper and Penetration Testing techniques.
  • Familiarity with Standards: Knowledge of NIST SP 800-53, NIST SP 800-171, ISO/IEC 27001, and DoD STIGs.
​Education and Experience:
  • Bachelor’s degree in a Cyber Security or Engineering field.
  • In lieu of a bachelor's degree, a substitution may be allowed for a degree and years of applicable experience.
  • Three (3) years of relevant experience (experience can be educational and/or professional, or a combination of both).
  • Of the minimum three (3) years of experience, at least two of those years must be in DoD in either Engineering or Cybersecurity and Risk Management Framework, or a combination of both.
  • Security+ CE Certification
Clearance:
This position is subject to a government security investigation and must meet eligibility requirements for access to classified information. In order to complete the requirements for government security clearance investigation, you must be a U.S. Citizen and be able to complete the full background investigation. This position requires an Active Secret Security Clearance. An active Top Secret Security Clearance is highly desirable.While skills, education, and experience are key factors, they are not the sole determinants of salary. Other determining factors include, but are not limited to, location, contract budgets and requirements, and government labor category guidelines. The estimated salary range for this position is $110,000 - $130,000. KAIROS also provides a comprehensive benefits package as additional employee compensation.KAIROS, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, national origin, or any other characteristic protected by federal, state, or local laws.KAIROS offers our employees a comprehensive benefits package consisting of:
  • Medical Coverage
  • Employer Paid Dental, Vision, Basic Life/AD&D, Short-Term/Long-Term Insurance
  • Health Savings Account with Contribution by Employer
  • 401K Plan with Employer Matching
  • Annual Discretionary Bonuses
  • Paid Time Off
  • Eleven (11) Paid Holidays
  • Certification reimbursement program
  • Tuition Reimbursement Program
  • Paid Parental Leave
  • Employee Assistance Program (EAP)
  • Rewards and recognition programs
  • Community outreach events through our KAIROS Kares group
To learn more about our organization be sure to check out our website, https://www.kairosinc.net/Powered by JazzHR

KAIROS Inc