La Jolla Logic (LJL) is an advanced technology and information system security solutions firm founded in 2011 in San Diego, CA. LJL's mission is to pioneer innovative, high-quality and best value specialty technology and engineering services to customers in the federal government and commercial marketplace.
We are looking for several Full-Time Cybersecurity Engineers with RMF Expertise. The qualified candidate will be working on the security engineering team supporting engineering activities in a rapid development environment to support the specification, development, and application of computer security technologies, cybersecurity and information assurance management techniques to DoD and Intelligence Community (IC) systems. As a Cybersecurity engineer on our project, you’ll analyze the cyber posture of complex DoD/IC systems, provide critical expertise to mitigate Cyber risk, and develop solutions to ensure these programs support mission critical operations and deliver needed Cybersecurity functionality.
Responsibilities may include:
- Leading and supporting cyber system engineering teams
- Leading Assessment and Authorization (A&A) activities for DoD and Intelligence Systems in accordance with Risk Management Framework and ICD-503 guidelines
- Coordinate with Echelon II, SCA and NAO to facilitate system authorization
- Supporting offensive architecture analysis and design of defense-in-depth solutions
- Developing and assessing system security plans including, security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones
- Conducting and/or analyzing vulnerability assessments to validate system compliance with RMF controls and DISA Security Technical Information Guidelines (STIGS)
- Analyzing static code scans and dynamic code scans to validate Application Security and Development STIG compliance
- Leading and coordinating security test event teams to achieve accreditation milestones
- Verifying and validating vulnerability resolutions and/or mitigations
- Effectively communicate work plans, milestones (POAM), and obstacles to clients; able to communicate, explain, or defend ideas or information clearly. Listen to others and recognize potential miscommunications, offer clarity.
- Ability to effectively develop system security plans, procedures, and other security documentation.
- Resolve non-routine problems with area of assigned responsibility and timely direct complex problems, questions, or complaints to Program Manager.
- Ability to analyze disparate data and produce a readable, understandable summary to Program Manager, with recommendations for corrective action, as needed; evaluate effectiveness of applied security control
- Bachelor’s degree in related field is highly desired (Computer Science, Engineering, Information Systems, etc…)
- DoD 8570 Certification (Security+ required, CISSP or equivalent is desired)
- Extensive experience with traditional A&A tools: ACAS Nessus, Xacta, eMASS, SCAP Scanner, STIG Viewer
- Navy ship systems expertise is desired for one of the projects.
- Demonstrated expertise in national Cybersecurity policies, DoD or Intelligence Community A&A processes and procedures and industry best practices on complex systems
- Expertise in vulnerability assessment, control allocation and risk mitigation
- Understanding of offensive and defensive security tactics, techniques and procedures
- Experience with cloud architectures is a plus
- Ability to negotiate effectively with higher level Government leads, managers, functional managers, customers, industry partners, and teammates
- Demonstrated leadership skills (supervisory experience, building teams, building customer relationships)
- Strong interpersonal skills and the ability to effectively build and lead teams
- Strong mentoring skills
- Good planning and organizational skills
- Strong oral and written communications skills
- US Citizenship is required
- Ability to maintain a security clearance (TS preferred)
- Business travel to customer locations may be required (up to 15%)