Cybersecurity Engineer 3

Auria is looking to hire a Cybersecurity Engineer 3 to join our Command and Control, Battle Management, and Communications (C2BMC) program.  This position will be based in Colorado Springs, CO.

The candidate will process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, perform annual account validation, and work with the system administrator to create, modify, and remove accounts.  Assess systems and networks within a virtual environment and identify where those systems deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations, such as compliance audits using STIG Viewer, SCAP, etc., and active evaluations, such as vulnerability assessments utilizing ACAS.

Essential Functions:

• Update the Risk Management Framework (RMF) artifact documentation to ensure that non-compliant system hardening is tracked and remediated.
• Establish strict program control processes to ensure risk mitigation and support obtaining system assessment and authorization.
• Includes support of process, analysis, coordination, control certification test, compliance documentation, investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
• Assist in implementing the required government policy (e.g., NISPOM, NIST, DoD), make recommendations on process tailoring, and participate in and document process activities.
• Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards.
• Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization.
• Periodically review each program support and operational system's audits and monitor corrective actions until all actions are closed.
• Coordinate across the program to address identified deficiencies during RMF assessment activities.

Basic Qualifications:

Please note your updated security clearance and IAT/relevant certifications on your resume, if applicable.

• An active top-secret clearance is required to start.
• 5 years with a STEM Bachelor’s degree in a related field; 3 years experience with a STEM Master’s degree in a related field; OR 9 years experience in lieu of a degree.
• Must possess a DoD 8140 certification at IAT Level II/IAM Level I or higher (Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA).
• Perform Security Technical Implementation Guide (STIG) assessments and hardening for both Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment utilizing ConfigOS.
• Develop test plans reflecting how STIG checks are implemented and be able to show the expected outcomes of those checks.
• Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow Diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M).
• Understanding and utilization of Enterprise Mission Assurance Support Service (eMASS).  
• Understanding of Risk Management Framework (RMF) Cybersecurity Lifecycle to include identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, providing analysis of vulnerability analyses, conducting verification testing for compliance assessment.
• Knowledge of Software Assurance (SwA) static and dynamic code analysis (e.g. Fortify).

Preferred Qualifications:

• Windows and Red Hat Enterprise Linux (RHEL) system administration skills.
• Previous background working in a virtual environment.
• Previous background working with dockers and containers.
• Administer ACAS and ESS (formally HBSS)
• Previous experience with ConfigOS

Salary Range: The salary offered will be based on the selected candidate’s qualifications - skills, education & experience - and the position level ($99,000 - $110,000).

About Auria

Auria is a provider of solutions and software in support of complex Space, National Security, and Cyber missions of federal, international, and commercial customers. Headquartered in Colorado Springs, CO and with operations in Boulder, CO, Washington, DC, Huntsville, AL, Albuquerque, NM, Ogden, UT, and San Diego, CA, our success is built on the excellence of diverse teams advancing innovative systems and operational software to strengthen our customers’ superiority in Space. With a distinguished track record and a spirit of relentless pursuit, we set the pace for progress and execute every mission with the utmost precision.

When you join Auria as a full-time employee, you get many benefits which include:

• Generous PTO package with yearly tenure increases
• Flex time policy providing you the flexibility needed
• 11 Company-Paid Holidays per year
• Up to 4% match on 401(k) employee contributions, employer and employee contributions immediately vested
• Tuition and Certification Fee Assistance
• Low-cost medical plans that include company-sponsored HSA
• No-cost life insurance
• Employee Assistance Program (EAP)
• And much more!

Auria is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, marital status, national origin, age, veteran status, disability, or any other protected class.