Cyber Security InfoSec Engineer

Chantilly, VATS/SCI with PolyAt Bcore, our strength comes from how we deliver impact to the mission. Whether it’s architecting critical IT solutions, producing actionable intelligence, or developing cutting edge technology, we succeed because of the expertise, collaboration, and agility of our teams. Our Mission Services division combines enterprise IT, cloud solutions, DevSecOps, systems engineering, software development, and operational support. Bcore accelerates decisive advantage for warfighters and intelligence professionals by fusing human insight, rapid-fire engineering, precision-measured outcomes, and relentless grit into mission-ready solutions.Do you want to join a team that is building tailored technical solutions to modernize our government’s mission and our client’s business? Do you have a desire to change how people work? Are you interested in helping to protect our nation’s cyber interests? Join our growing team supporting customer missions as a Cyber Security InfoSec Engineer in Chantilly, Virginia.We are seeking an Information Systems Security Engineer (ISSE) for a technical development program supporting cloud-based applications, and its associated cloud infrastructure located on a highly secure network. The ISSE will work with a large team of developers, system engineers, DevOps engineers, database administrators, and system architects.Core business hours for the team are from 9 AM to 3 PM daily - exceptions outside of those hours for the candidate may be negotiated in consultation with management.The typical day for an ISSE supporting the cloud-based applications is as followsThe ISSE will participate in the team’s regularly scheduled Agile tag up (scrum) meetings and report on the status of their assigned Jira issuesAttend ad-hoc TEMs with the team to discuss and weigh in on numerous architectural aspects of the systems for assessing security impacts that may arise with system changesAssist with and/or lead security scans of the systems and report and analyze findings for impactsReview any security findings (CVEs) as noted by outside entities for system impact analysis and how best to proceed with addressing themParticipate in team TEMs and review future system changes/new features for security impactsPrimary ResponsibilitiesIdentifying, selecting, implementing and assessing NIST SP 800-53 security and privacy controls.Developing, establishing and integrating secure configuration baselines per DISA STIGs and CIS benchmark guidelinesParticipate in creating secure architectures and designsEnsuring security requirements are integrated into the System/Software Development life cycle (SDLC).Performing Continuous Monitoring (ConMon) activities to support Assessment and Authorization (A&A) requirementsReviewing, creating and maintaining relevant Assessment and Authorization (A&A) artifactsPerforming security analysis and monitoring of a 100 percent AWS, cloud-based systemPerforming vulnerability scanning and analysis of the systemPerform remediation and develop security implementations based on security findingsInterface with Information System Security Managers (ISSM) to develop and accredit the systemParticipate in or lead technical exchange meetings, document meeting outcomes as needed, and brief managementRequired Qualifications Hands on experience with Linux (CLI)Hands on experience with scripting and programming languages like BASH and PythonSolid understanding of, experience with networking (e.g., ports, routing tables, subnets, VPNs, firewalls, routers, etc.) to include design, integration and troubleshooting issuesExperience in working on teams utilizing Agile workflows and processesStrong understanding of NIST SP 800-37, NIST SP 800-53, NIST SP 800-160, DISA/CIS STIGs, and Common Vulnerabilities and Exposures (CVEs)Experience with RMF workflow toolsStrong communication, organizational, and writing skillsMust be able to clearly and directly articulate their findings and recommendations.Must be open minded to considering alternative approaches to possible security issues noted by other team membersBCore is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.