Cyber Security Project Engineer

Job Description

Job Description

What Impact You'll Have

GRVTY is a member of 100% of the winning teams for the largest technology program in the Intel Community. We've been supporting this customer on many different sub-projects of this program since our founding in 2013. We've grown on this effort by providing the customer with Engineers who have done exceptional work, and we've retained our staff by paying very strong salaries, and working hard to ensure each Engineer is doing work that aligns with their career interest.

What You'll Be Owning

GRVTY is seeking a Cyber Security Project Engineer with a TS/SCI + Poly clearance (applicable to this customer) to join one of our top projects in McLean, VA. The Sponsor requires Cyber Security Project Engineering support to ensure the maintenance of cyber security compliance and to shepherd the program through the Sponsor's Assessment and Authorization (A&A) process. The contractor will play a critical role in ensuring that the project's systems and infrastructure are designed and implemented with security in mind, and that they meet the Sponsor's cyber security requirements. This includes ensuring compliance with relevant security controls, conducting risk assessments, and developing mitigation strategies to address identified risks. The Sponsor's A&A process is a rigorous and complex process that requires a deep understanding of the Sponsor's security requirements and the ability to navigate the various stages of the process. The contractor will be responsible for shepherding projects through this process, ensuring that all necessary documentation is completed and submitted, and that projects are properly authorized to operate.

What You Must Have

• Active TS/SCI with Polygraph Clearance
• Minimum required qualifications
• Demonstrated experience with designing and implementing secure communication solutions and networks.
• Demonstrated experience with implementing infrastructure in public cloud domains.
• Demonstrated experience with the Intelligence Community Directive (ICD) 503 Assessment and Accreditation (A&A) process and acquiring necessary approvals to develop, implement and operate systems.
• Demonstrated experience with the A&A processes and cyber security requirements as well as experience with coordinating with multiple entities or organizations to obtain necessary approvals to achieve and maintain Authority to Operate (ATO) status.
• Demonstrated experience addressing and implementing system security controls.
• Demonstrated experience triaging and troubleshooting system issues.
• Demonstrated experience producing technical system documentation.
• Demonstrated experience with designing and implementing cloud-hosted infrastructure for use with mobile and commercial applications.
• Demonstrated experience in information security.
• Demonstrated experience transferring, handling, and securing sensitive data.
• Demonstrated experience developing system design diagrams.
• Demonstrated experience developing and briefing system designs to both technical and non-technical audiences to obtain operational and security approvals.
• Certifications: CompTIA Network+, CompTIA Security+, and ISC2 Certified Information Systems Security Professional (CISSP)

What Would Be Nice to Have

• Demonstrated experience with Sponsor systems, architecture, and data.
• Demonstrated experience providing coordination across Sponsor's organization and business partners to expedite technology approval.
• Demonstrated experience with the Sponsor's A&A process and cyber security requirements as well as experience with coordinating across the Sponsor organization to obtain necessary approvals to achieve and maintain Authority to Operate (ATO) status
• Demonstrated experience working independently and collaboratively within a team environment.
• Demonstrated experience developing system design diagrams using Sponsor provided tools.
• Certification: EC-Council Ethical Hacker (CEH)
• Shall work with technical team to design, develop, test, and implement new networks and network architecture using current technology, to include authorization and accreditation.
• Shall work with the technical team to complete requirements to obtain all required approvals and maintain compliance throughout the full lifecycle of the A&A process.
• Shall work with the Sponsor and users to identify and develop system requirements taking into account the desired results, hardware limitations and operating requirements, identified by the Sponsor.
• Shall work with technical team to provide operational testing and recommendations for continuous improvement of equipment and software in support of Sponsor's goals and objectives.
• Shall work with the technical team to coordinate across the Sponsor's organization and business partners to expedite operational approvals.
• Shall analyze new technologies, hardware, and software to determine the applicability and need for the existing or proposed system, to include security, storage, and network technology.
• Shall ensure compliance with the Sponsor's security requirements, including those related to data protection, access control, and incident response.
• Shall develop and assist with implementing security controls to protect Sponsor systems and data, including firewalls, multi-factor authentication, and encryption.
• Shall work with the technical team to conduct internal risk assessments to identify potential security risks and develop mitigation strategies to address them.
• Shall prepare and maintain security documentation, including System Security Plans, Security Assessment Reports, and Plans of Action and Milestones.
• Shall coordinate with the Sponsor's security team to ensure projects meet the Sponsor's security requirements and to address any security-related issues.
• Shall implement the Sponsor's A&A process, including preparing and submitting required documentation and leading the team in A&A meetings and reviews.
• Shall ensure projects comply with relevant regulations and standards, including those related to data protection and cyber security, such as Defense Information Systems Agency Security Technical Implementation Guides (DISA, STIGs).
• Shall develop and maintain an incident response plan to respond to security incidents, including data breaches and system compromises.
• Shall conduct security testing and validation to ensure Sponsor systems and data are secure, including vulnerability scanning and systems hardening.
• Shall maintain compliance with the Sponsor's continuous monitoring requirements.
• Shall support technical exchange meetings on business and technical requirements.

Why Choose GRVTY

The toughest national security challenges demand vision and ingenuity, not just resources. We deliver mission and technical expertise to outpace our adversaries. We're purpose-built to tackle the most entrenched, systemic national security issues around the world.

We partner with our customers to help them overcome challenges in every corner of technology and defense—including the ones still being explored. Our growing capabilities create complementary advantages, giving on-the-ground operations the edge they need to succeed. We muster everything we have to answer every challenge presented, every day of our lives.

At GRVTY, we believe that when our employees thrive, our company thrives. That's why we offer a comprehensive and competitive benefits package designed to support your well-being, growth, and work-life balance.

• Robust health plan including medical, dental, and vision

• Health Savings Account with company contribution

• Annual Paid Time Off and Paid Holidays

• Paid Parental Leave

• 401k with generous company match

• Training and Development Opportunities

• Award Programs

• Variety of Company Sponsored Events

EEO Statement

GRVTY, is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran and will not be discriminated against on the basis of disability.

Anyone requiring reasonable accommodations should email recruiting@grvty.com or call 703-544-7930 with requested details.  A member of the HR team will respond to your request within 2 business days. 

Know Your Rights: Workplace Discrimination is Illegal (eeoc.gov) 

Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.