Cybersecurity Engineer

🕒 il y a 5 jours

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Defense Unicorns

Site WebLinkedInTous les Emplois

51 - 200 employés

🔒 Cybersecurity

💰 Seed Round en 2022-10

Defense • Software • Cybersecurity

Defense Unicorns est une entreprise de technologie de pointe dédiée à transformer la façon dont le ministère de la Défense des États-Unis (DoD) acquiert et déploie des capacités logicielles critiques pour les missions. Grâce à son Airgap App Store et à son Unicorn Delivery Service (UDS), Defense Unicorns propose un marché centralisé d'applications de confiance, pré-approuvées pour des déploiements rapides, sécurisés et conformes dans les environnements DoD les plus sécurisés et complexes. L'entreprise met l'accent sur la rapidité et la fiabilité de la livraison de logiciels, répondant à diverses missions à travers des domaines tels que l'armée, la marine, l'armée de l'air et la force spatiale. Defense Unicorns relève les défis uniques de DevSecOps pour les systèmes de défense, assurant l'adaptabilité opérationnelle et la sécurité dans les déploiements de logiciels essentiels.

Description

• Leading and pathfinding the effort to achieve accreditation in accordance with NIST-800 series requirements. • Developing and implementing cybersecurity policies, procedures, and controls necessary to meet FedRamp and DoD accreditation standards. • Conducting comprehensive risk assessments and vulnerability analyses to identify potential security threats and mitigate risks. • Collaborating with cross-functional teams including software developers, system architects, and other Government stakeholders to integrate cybersecurity measures into the software development lifecycle. • Performing security testing and evaluation of our software platform to identify vulnerabilities and weaknesses (STIGs, ACAS, CI/CD security testing, etc.) • Providing guidance and support to ensure continuous monitoring and maintenance of cybersecurity controls. • Preparing and maintaining documentation required for the accreditation process, including System Security Plans (SSPs), Security Assessment Reports (SARs), and other relevant artifacts. • Staying up-to-date with evolving cybersecurity threats, technologies, and regulations to proactively address security challenges and compliance requirements. • Serving as a subject matter expert on cybersecurity best practices, standards, and procedures within the organization. • Supporting automated Compliance-as-Code capabilities that continuously evaluate the cybersecurity posture of the tech stack

🎯 Exigences

• Proven experience in cybersecurity engineering, with a focus on achieving accreditation for software systems within the DoD environment. • Proven track record of thinking outside the box and pushing the boundaries of the RMF/FedRamp/ATO status quo. • In-depth knowledge of NIST-800 series standards, particularly NIST-800-53, and experience applying these standards to achieve accreditation. • Skilled at translating technical implementation (infrastructure as code and configuration as code) into verifiable eMASS security control responses that Approving Officials (AOs), and their staffs, can understand. • Strong understanding of cybersecurity principles, technologies, and best practices, including encryption, authentication, access control, and secure coding practices. • Hands-on experience with security assessment tools and techniques, such as vulnerability scanning and security analysis. • Familiarity with software development methodologies and practices, particularly Agile and DevSecOps. • Excellent analytical and problem-solving skills, with the ability to assess complex systems and identify security risks. • Effective communication and interpersonal skills, with the ability to collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders. • Eligibility to obtain and maintain a DoD security clearance. • Eligibility to obtain and maintain privileged access in a Government Cloud Environment (relevant training and/or certifications).

🏖️ Avantages

• Medical/Dental/Vision • Premiums are 100% Company Paid • Health Savings Account • Life Insurance • Disability Insurance • 401k Retirement Plan • Company Stock Options • Home Office Budget • We offer all full-time Unicorns Flexible Time Off (FTO) plus all Federal Holidays, one week for Thanksgiving, and two weeks for Christmas and New Year’s • Paid Parental Leave • Reimbursement for approved trainings/subscriptions • Conferences (travel, lodging, and fees)