We are an aerospace and defense design, engineering and IT placement firm specialized in the recruitment of Software and IT personnel for aerospace, military and defense companies.Our client is a leading provider of cutting-edge cybersecurity solutions for space, defense, military, and government applications. Their mission is to protect national security by securing critical infrastructure, advanced weapon systems, and classified networks from cyber threats. They specialize in offensive and defensive cybersecurity operations, embedded systems security, and zero-trust architectures that support mission-critical operations.
As a Cyber Security Engineer, you will design, implement, and maintain security frameworks that ensure compliance with NIST, DFARS, CMMC, and DoD 8500.01 security standards. This role requires a deep understanding of advanced persistent threats (APTs), secure communications, network hardening, and cryptographic protocols to safeguard highly sensitive systems.
This position requires working with classified and highly sensitive projects, and candidates must meet government security clearance requirements.
Typical Duties and Responsibilities
Cybersecurity Architecture & Risk Assessment
- Design, implement, and manage cybersecurity frameworks in compliance with NIST 800-53, RMF (Risk Management Framework), CMMC, and DoD security standards.
- Conduct risk assessments and vulnerability analysis to identify security weaknesses in space, defense, and military systems.
- Develop and enforce zero-trust security models, endpoint protection, and least privilege access controls.
Network Security & Secure Communications
- Implement firewall configurations, intrusion detection/prevention systems (IDS/IPS), SIEM solutions, and secure network segmentation.
- Work with DoD-approved encryption methods, cryptographic protocols, and secure key management.
- Enhance endpoint detection and response (EDR) capabilities with tools like CrowdStrike, Carbon Black, and SentinelOne.
Offensive & Defensive Cybersecurity Operations
- Conduct penetration testing, red team exercises, and vulnerability exploitation using tools like Metasploit, Kali Linux, and Burp Suite.
- Implement cyber threat intelligence (CTI) techniques and develop incident response strategies for advanced persistent threats (APTs).
- Develop hardened operating environments for mission-critical applications and embedded systems.
Compliance & Secure Development
- Ensure compliance with DoD 8500.01, DFARS 252.204-7012, ITAR, and FedRAMP security policies.
- Implement DevSecOps methodologies, integrating security automation into CI/CD pipelines with tools like Ansible, GitLab CI/CD, and Terraform.
- Work closely with software engineers to conduct secure code reviews and vulnerability scanning using SonarQube, Fortify, and Checkmarx.
Incident Response & Forensics
- Develop and implement incident response playbooks, ensuring rapid containment and remediation of cyber threats.
- Perform digital forensics analysis using tools like Autopsy, EnCase, and Volatility to investigate security breaches.
Collaborate with government agencies and classified program stakeholders to share threat intelligence and improve security posture.
Education
- Bachelor’s or Master’s Degree in Cybersecurity, Computer Science, Information Security, or a related field.
- Equivalent military or government cybersecurity training and experience may be considered.
Required Skills and Experience
- 10+ years of experience in cybersecurity engineering, network security, or information assurance for defense, space, or government agencies.
- Active security clearance (Secret, Top Secret, or TS/SCI).
- Expertise in DoD Risk Management Framework (RMF), NIST 800-171, and CMMC compliance.
- Strong knowledge of firewalls, IDS/IPS, SIEM solutions, and endpoint protection tools.
- Experience with penetration testing, red teaming, and security assessments in classified environments.
- Hands-on experience with Linux hardening, Windows security, and embedded systems protection.
- Deep understanding of cryptography, secure communications, and network encryption.
- Proficiency in security automation tools such as Ansible, Terraform, and Python scripting for security orchestration.
- Strong experience in DevSecOps methodologies, CI/CD security, and cloud security (AWS GovCloud, Azure Government, or on-prem secure cloud infrastructures).
Preferred Qualifications
- CISSP, CEH, OSCP, GIAC, CISM, or DoD 8570 IAT Level III certification.
- Experience with offensive security testing, adversarial simulation, and cyber warfare tactics.
- Knowledge of classified system security accreditation processes (ICD 503, STIG compliance, and TEMPEST requirements).
- Experience in embedded system cybersecurity for military or aerospace applications.
