What are the responsibilities and job description for the ASSETS - Cyber Security Engineer (557WW) position at Apogee Connections?
Apogee is seeking a Cybersecurity Engineer located in Omaha, NE in support of the 557th Weather Wing (557WW).
Why work with us?
Apogee Engineering, LLC is a provider of research, engineering, operations, software, cyber, intel, training, technical services, financial and administrative expertise across an array of DOD and Federal Civilian customers. Our company was founded on the commitment of making a positive difference for our customers and our people. Apogee’s culture is infused with integrity and a passion for excellence, which has propelled us into the ranks of an elite small business company. Apogee is known for an unwavering dedication to our clients' success, a warm and employee-centric work environment, and an enthusiasm to provide the right solution at the right time.
What you will be doing:
- Identify areas of cyber weakness within programs and develop Plan of Action and Milestones (POA&M) required in support of information assurance or security necessities
- Conduct tests of cybersecurity safeguards and integration of systems IAW established test plans, STIGs and Cybersecurity Controls. Automate security testing through scripts and macros
- Ensure that the design of hardware, operating systems, and software applications adequately addresses security requirements for the Computing Environment (CE), to include testing cybersecurity mitigations
- Development and production of RMF documentation for Secret, Top Secret and JWICS networks
- Perform vulnerability assessments and security tests on networks, web-based applications, and computer systems
- Conduct network and system security audits, evaluating how well a system conforms to a set of established criteria
- Analyze policies for effectiveness, make suggestions on security policy improvements, and work to enhance methodology material
- Document findings, write security reports, and discuss solutions with IT teams and management
- Perform “black box” and “white box” testing and Blue and Red team war gaming exercises
- Perform security and technical assessments on new technologies and generate "Best Practices" for implementations of new technologies
- Perform reviews of application designs and source code (mainly Java, JavaScript, and C)
- Establish and sustain information security assurance processes that satisfy complex system-wide requirements
- Provide cybersecurity recommendations based on evaluation and review of engineering proposals to ensure compliance with mandated cybersecurity requirements
- Manage the fact finding, analysis, development of hypotheses and conclusions, and production of final reports and presentations
What you will need to have:
- Security Clearance Required: Secret
- One of the following education/experience combinations:
  - Master’s degree and 6 years relevant experience (12 years preferred), including at least 5 years supporting the DoD
  - Bachelor’s degree and 8 years relevant experience (15 years preferred), including at least 5 years supporting the DoD
  - 18 years relevant experience (20 years preferred), including at least 8 years supporting the DoD
- Strong knowledge and experience applying DoDD 8500.1 Information Assurance, DoDD 8520.1 Protection of SCI, DoDI 8510.01 Risk Management Framework (RMF) for DoD Information Technology
- Knowledge and experience with NIST 800-53, and DoD Risk Management Framework tools (eMASS/Xacta)
- Expert knowledge of database practices, and USSTRATCOM database organization, operations and objectives
- Training in application security and software analytical tools used by the IPT including Application Security AppDetective Pro, Application Security DBProtect, Fortify Source Code Analyzer, Fortify 360 Server, Fortify Real-Time Analyzer, and IBM/Rational AppScan
- Must hold a GPEN, GWAPT, GSE, OSEE, OSCE, OSCP, or GXPN certification
- Minimum of 3 years of experience conducting penetration testing or Blue team testing
- Hold an 8570 Information Assurance Management (IAM) Level II certification or DoDD 8140 Information Assurance Security Engineer Level II certification
Benefits:
- Apogee offers two medical plans, a high deductible health plan with an HRA and a traditional POS plan with co-pays, dental, vision, 401(k), life insurance, PTO, paid holidays, parental, military and jury duty paid leaves. Regular part-time employees scheduled for twenty-four or more hours per work week are eligible for benefits on a pro-rated basis.
- This position is eligible for a discretionary annual bonus.