← Back to jobs
NW

Cybersecurity Project Engineer

Nwis
Sterling, VA Mid Level Full-time
GCP AWS Azure

Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers’ most demanding challenges. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and commercial markets.


Job Title: Cybersecurity Project Engineer
Location: Sterling, VA
Clearance: TS/SCI Poly

**This position is CONTINGENT upon contract award**

The Cyber Security Project Engineer (CSE) supports the LSA to identify, design, and deploy security controls and subsystems to support the on-premises secure multi­ tenant infrastructure environment (CUSTOMER). The CSE collaborates with the Platform and Operations teams to integrate security controls into the IaaS environment. The CSE discovers and mitigates cybersecurity risks, assess the security controls implemented within and inherited by the system, understand and apply policies to address requests for information on cyber best practices, conduct risk assessments for specialized devices, and provide information system security expertise. Collaboratively works closely with Platform and Operations teams, Sponsor, Information System Security Officers and Managers, as well as the Authorizing Officials (AO) to conduct comprehensive CNSSI 1253 and NIST SP 800-53a assessments of the management, operational, and technical security controls. Daily tasks include, but are not limited to:

  • Work with LSA, technical team to develop template/tools for automating the deployment of security controls in the CI/CD pipeline and the continuous automated/enhanced assessments or O&M of vulnerability scan tools
  • Facilitates meetings, analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with team stakeholders.
  • Review and make recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans and security plans).
  • Identify and recommend mitigations for potential avenues of exploitation, including system level attacks and user level attacks.
  • Advises and assists with the Lifecycle Assessment and Authorization (A&A) process and development of Systems Security Plan (SSP)
  • Develops and documents security evaluation test plans and procedures
  • Develops SCA artifacts, including the Security Assessment Plan (SAP), Security Assessment Reports (SAR), and Remediation Actions
  • Experience with developing Plans of Action and Milestones (POA&Ms), including providing risk mitigation strategies, steps, and milestones.
  • Conducts hands on security testing, analyzes results, documents risks, and recommends countermeasures
  • Applies working knowledge of Industry Best Practices (e.g. SANS Top 20) National/International policies and standards and how they relate to the A&A process
  • Applies working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the A&A process
  • Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation

Required Skills:

  • Strong understanding of network security principles and technologies.
  • Experience with security tools and technologies (e.g., firewalls, intrusion detection systems, anti-malware software).
  • Knowledge of operating systems and their security configurations.
  • Familiarity with security protocols and standards (e.g., NIST Framework, ISO 27001).
  • Ability to identify and assess security vulnerabilities.
  • Strong problem-solving and analytical skills.
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team.
  • Experience with scripting and automation.

Desired Skills:

  • Experience with cloud security (e.g., AWS, Azure, GCP).
  • Knowledge of security information and event management (SIEM) systems.
  • Experience with incident response and forensic analysis.
  • Familiarity with various security frameworks (e.g., SCDO, OWASP).
  • Experience with ethical hacking techniques.
  • Experience with scripting languages (e.g., Python, PowerShell).
  • Ability to create and maintain security documentation.

Desired Certs:

  • One or more of the following: CompTIA Security+, CISSP, CISA, CISM, CCSP, SSCP, GIAC Security Essentials


Salary & Benefits

The salary associated with this position ($122,000-$253,000) is commensurate with the selected candidate’s qualifications, years of relevant experience, and demonstrated level of expertise. Compensation will be determined based on these factors to ensure alignment with skills, responsibilities, and market standards.


Nightwing offers medical, vision and dental insurance coverage in addition to a 401k plan, PTO, Holidays, and additional insurances.


Nightwing is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

 

More jobs at Nwis

See all Nwis jobs →

Similar roles

Free Access

Subscribe to view full job details

Get unlimited access to job listings, apply links, and weekly curated picks. Plus, learn how Latentra's career placement program can land your next role — we only charge after you're hired.

No spam. Unsubscribe anytime. Learn about our program

Chat with us