Cyber Security Assurance Engineer

Keylogic Systems, Inc. Fairmont , WV 26554

Posted 5 days ago

Job Description

KeyLogic is seeking outstanding candidates with industry experience to join our expanding team!

Security Assurance EngineerLocation:
Fairmont, WV

Job Code:804


As a Cyber Security Assurance Engineer you will become an integral part of our growing organization. As a member of the KeyLogic Team, you will be able to expand your knowledge, work with top industry experts and be a valued and recognized employee. The position requires an ability to take initiative and a willingness to work in a flexible, fast-paced environment.


KeyLogic supports NASAs Independent Verification and Validation (IV&V) Program, delivering analysis, validation and verification of safety-critical and mission-critical software for important NASA science and human exploration programs.

Roles and Responsibilities:

  • Performs independent assessments (system and software security vulnerability, threat, and risk assessments) and penetration tests on development and large-scale operational environments.
  • Performs full-lifecycle (i.e., Concept to Deployment) Information Assurance (IA) security analyses to ensure the logical and systematic conversion of customer or product requirements into total secure systems solutions that acknowledge technical constraints.
  • Performs NIST security control assessments in support of Assessment and Authorization (A&A) / Certification & Accreditation (C&A) processes.
  • Performs analysis of systems security and software architecture, system security and software requirements, system and software design, source code, and the developers unit, build, and systems integration test products.
  • Performs functional analysis, timeline analysis, detail trade studies, and requirements allocation and interface definition studies to evaluate compliance of software/systems developers software security specifications and requirements to the software security standards (e.g., NIST Standards).
  • Performs mentoring and training on information assurance methodologies/techniques.
  • Develops independent test plans, cases, procedures, and scripts and performs independent testing of safety and mission critical software systems to ensure the system will not do what it is not supposed to do and will respond in a safe and desired manner under adverse conditions.
  • Interacts directly with targeted development program personnel providing a suitable interface for the program to gain access to the results of IV&V IA analyses.
  • Collaborates with cross-functional teams of security and systems analysts performing assessments and/or verification and validation analyses.
  • Analyzes effectiveness/efficiency of the NASA IV&V program's security analysis procedures and processes, and develops/recommends improvements.
  • Prepares presentations, reports, research, and other contract deliverables related to mission assurance analyses performed.
  • Supports IV&V project lead directly as knowledgeable reviewer of IV&V security analysis products and services.
  • Participates in Risk Management process as it relates to execution of the mission assurance and/or IV&V projects and to the software/systems development project being evaluated by the IV&V team.
  • Performs technical task planning and supports the Project Lead in the execution and control of the tasks.
  • Participates in selected programs, events, and meetings involving staff, Government customers, and visitors.

Minimum Qualifications To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

  • Experience and expertise with security engineering and analysis, architecture, design, NIST, security controls, Certification & Accreditation (C&A), Assessment & Authorization (A&A), risk assessment, vulnerability and threat assessment.
  • CISSP Certification.
  • Working knowledge and experience applying Information Assurance techniques in all system development life-cycle phases.
  • Experience performing vulnerability assessments, independent security assessments, and penetration testing on mission-critical systems.
  • Experience selecting, implementing, documenting, and assessing NIST security controls on large complex mission-critical systems.
  • Experience writing, managing, and/or adjudicating System Security Plans (SSP) and all associated security controls documentation.
  • Expert knowledge of operating systems internals (Linux, Windows), network protocols and technologies, web services, databases, scripting, programming languages (C/C++, Java, Perl, Python, Assembly), firewalls.
  • Experience applying NIST 800-37 and 800-53 to development and operational systems.
  • Minimum of 7 years of experience with a Bachelors degree in Computer Science, Systems Engineering, Aerospace Engineering, Electrical Engineering, Computer Engineering, Information Systems, or other software-related engineering program, OR an additional 4 years of directly related experience in lieu of degree.
  • Excellent writing and communication skills are required, and ability to interact well in group meeting/working environments.
  • Work experience with all major aspects of the systems/software development life cycle (requirements, design, implementation, and test) is required.
  • Familiarity with software architecture, systems engineering, and verification and validation Proficiency with MS Office (Word, Excel, PowerPoint, Outlook).
  • Must be able to obtain and maintain a Public Trust Security Clearance.
  • Work is performed on-site in Government facilities. Occasional travel may be required.

Desired Skills:

  • Experience and expertise in the following domains: Access Control, Telecommunications and Network Security, Information Security Governance and Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operations Security, Business Continuity and Disaster Recovery Planning, Legal, Regulations, Investigations and Compliance, Physical (Environmental) Security Certifications such as: Certified Expert Penetration Tester (CEPT), Certified Ethical Hacker (CEH), GIAC Penetration Tester (GPEN), EC-Council Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT), Committee on National Security Systems CNSSI-4012, CNSS-4011, NSA-INFOSEC Assessment Methodology (IAM), NSA-INFOSEC Evaluation Methodology (IEM).
  • Experience and expertise with NASA or military programs involving ground communication systems security.
  • Experience with FedRAMP and 3PAO.
  • Familiarity with UML, static code analysis tools, service oriented architecture, agile processes, project planning/integration, and business process engineering.
  • Experience and familiarity with the NASA Space Network, Tracking and Data Relay Satellites (TDRS), Space- Network Ground Segment, Satellite Mission Operations, or other programs involving ground communications; COTS integration; network performance; software safety; and mission assurance.

Company Description

KeyLogic is a highly successful provider of professional and engineering services. We specialize in solutions that enable our customers to make better decisions for their organization. KeyLogics performance has earned the company a solid reputation for high standards, proactive solutions, and an outstanding commitment to the customer, best exemplified by the fact we have never had a one-time federal customer all of our customers have provided repeat business.
KeyLogic has achieved seventeen consecutive years of growth since its founding in 1999. Our client list includes the Department of Defense (DoD), where we provide services for the Defense Information Systems Agency (DISA) and the U.S. Army and Navy, Environmental Protection Agency (EPA), Departments of Labor (DOL), Energy (DOE), Transportation (DOT) and Treasury (including the Internal Revenue Service (IRS)), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA).
KeyLogic has successfully attained a Capability Maturity Model Integration for Development (CMMI-DEV) Maturity Level 3 Rating. CMMI-DEV is a process improvement approach for software engineering and organizational development that provides organizations with the essential best practices needed to meet business goals. Only three-percent of small and medium federal contractors have achieved CMMI Maturity Level 3. KeyLogic joins this distinguished group.
KeyLogic Systems is an Equal Opportunity/Affirmative Action Employer- Minorities/Females/Protected Veterans/Disabled.
Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
652885 Cyber Security Engineer


  Posted 2 days ago

VIEW JOBS 5/18/2018 12:00:00 AM 2018-08-16T00:00 Description: The Defense & Intelligence Group of Leidos has an exciting job opportunity for a Cyber Security Engineer in Fairmont, WV supporting the DOD ABIS. As the largest provider of IT services to the U.S. Government, Leidos develops and sustains large data and technology infrastructures and integrates complex IT systems for almost every branch of the U.S. Government. Leidos currently has a number of positions supporting the Department Of Defense Automated Biometric Identification System (DoD ABIS) Sustainment Services And Service Life Extension program. DoD ABIS is an information technology system that supports identity superiority by providing the critical capability for warfighters to identify known or suspected terrorists and third country nationals in the course of military operations. DoD ABIS is the authoritative biometrics enterprise system that provides matching, sharing and storing of biometrics data. The capability can receive multi-modal biometrics submissions to include iris, face, palm and finger prints from biometrics collection devices, which will support the warfighter in making, retain, capture, or release decisions. By providing access and responding to requests the system has a direct impact on the availability of critical intelligence information that is of vital interest to DoD and other government agencies. PRIMARY RESPONSIBILITIES: * Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products. * Risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. * Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. * prepare security reports to regulatory agencies. * Assist in maintaining a system that can be certified and accredited in accordance with Army and DoD Security Requirements and Policy * Deploy and maintain cybersecurity products, including intrusion detection/prevention systems (IDS/IPS), vulnerability scanners, network proxies, endpoint security systems and other security components * Perform system vulnerability and compliance scans * Perform systems security patches and updates Qualifications: BASIC QUALIFICATIONS: * Bachelors degree with 2-5 Years of relevant experience. Additional years of experience may be used in lieu of a degree. * Experience with securing Windows and Linux systems * Experience with IDS/IPS, vulnerability scanners, network proxies, and/or endpoint security systems * Meet DoD 8570.01–M and IT Level II requiring favorable completion of a NACIC (for civilians) or national agency check (NAC) (for military and contractors), as appropriate and favorable review of SF 85P and Supplemental Questionnaire * Ability to access FBI CJIS Campus in Clarksburg, WV * Currently possess an active Secret clearance with the ability to obtain a Top Secret Clearance. Preferred Qualifications: * Bachelor's degree in Information Technology, Cyber Security, Engineering or related field * 2-5 Years of relevant experience ADDITIONAL QUALIFICATIONS: * Experience with securing cloud technologies * Experience with Sourcefire/Firepower, ACAS, HBSS, RHEL/CentOS, WSUS, SCCM, BlueCoat, Linux and/or Windows system administration is a plus. * Experience with agile development methodology (Scrum) and the Risk Management Framework (RMF) * Prior DoD ABIS, IAFIS, Enterprise Biometric Systems, Web Application Development is a definite plus. External Referral Eligible Leidos Overview: Leidos is a global science and technology solutions leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit The company's diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an Equal Opportunity Employer. Leidos Fairmont WV

Cyber Security Assurance Engineer

Keylogic Systems, Inc.