Security Test Engineer (JEMINI)
Auria
Colorado Springs, colorado
Job Details
Full-time
Full Job Description
Auria is looking to hire a Cybersecurity Analyst – JEMINI Security Test Engineer to support the Command, Control, Battle Management and Communications (C2BMC) program. Work location is on Schriever Space Force Base in Colorado Springs, CO.
Essential Functions:
- Strong knowledge of information assurance technology and DoD cybersecurity certification requirements, including hands-on experience in a broad range of information assurance operations-related functions and technologies.
- Demonstrated experience in DoD operational computing environments and possess the ability to work as part of an integrated cybersecurity team tasked with designing, engineering, testing, certifying, and delivering a secure and global Ballistic Missile Defense System (BMDS) communications system.
- Excellent interpersonal skills and a demonstrated ability to support complex organizational relationships are required.
- Excellent technical document preparation skills and verbal communication to present technical cybersecurity issues and reports to senior government and military officials.
- Develop and utilize a program-level Cyber Test Plan that outlines how testing will be performed from patches, CTOs, and applied STIG settings to ensure system functionality is not degraded.
- The Test Plan should be able to span two different environments at differing classifications.
- Develop and utilize a test artifact template to be used during testing that outlines what patches, STIG settings, or CTOs that are involved in the functional test and outcomes due to the test event.
- Develop and utilize a Security Test and Evaluation (ST&E) for Windows and RHEL operating systems ensuring all STIG and security controls are operating as intended.
- Coordinate with on-site cybersecurity, system administration, network administration, and Test personnel on installing patches and testing to rectify vulnerabilities identified through vulnerability scanning techniques.
- Develop a tracking mechanism and Plan of action and milestones when patches and STIG settings can't be applied as required during mandated timeframes.
- Utilization of automated security configuration tools (e.g., ConfigOS) to scan and test STIG configurations
Basic Qualifications:
Please note your updated security clearance and IAT/relevant certifications on your resume, if applicable.
- An active Top Secret clearance is required to start.
- 5 years with a Bachelor’s degree in an Engineering-related field; 9 years experience instead of a degree. Or 3 years with a Master’s degree in an Engineering-related field.
- Must possess a DoD 8140 certification at IAM – Level II or higher (Security+, GSEC, SCNP, SSCP, CISSP, CAP, CASP+CE, CISM, CISA, GSE, SCNA)
- Must have a working knowledge of eMASS, JOINT SPECIAL ACCESS PROGRAM (SAP) IMPLEMENTATION GUIDE (JSIG), Common Criteria, and National Information Assurance Partnership (NIAP).
- Develop and institute test plans and provide unit-level release testing.
- Test responsibility will involve integration, verification testing, system testing, and field testing, ensuring security patches and STIG security configurations are operating as intended and do not degrade the functionality of the system.
- Security engineering skills with an in-depth knowledge of cybersecurity technology and security control requirements.
- Excellent technical document preparation skills and verbal communication to present technical information assurance issues and reports to senior management.
- Solid RHEL, Windows, networking, and firewall security configuration experience. Includes a strong understanding of Security Technical Implementation Guides (STIGS) and the development of security control testing documentation.
- Experience with security products such as vulnerability scanning, network assessment tools, and automated security configuration tools (e.g., ConfigOS).
- Demonstrated experience in:
- Security Architecture design
- Security Audit tools
- Security requirements generation
- Security testing
- Administration of security devices (e.g., firewalls and intrusion detection systems)
- TCP/IP.
Preferred Qualifications:
- Network design, software engineering backgrounds, and use of static code analysis tools are a plus.
- Travel is potentially required between Colorado Springs, Colorado, and Huntsville, Alabama, to support meetings and work with distributed cybersecurity personnel.
Salary Range:The salary offered will be based on the selected candidate’s qualifications - skills, education & experience - and the position level ($99,000 - $113,000).
About Auria
Auria is a provider of solutions and software in support of complex Space, National Security, and Cyber missions of federal, international, and commercial customers. Headquartered in Colorado Springs, CO and with operations in Boulder, CO, Washington, DC, Huntsville, AL, Albuquerque, NM, Ogden, UT, and San Diego, CA, our success is built on the excellence of diverse teams advancing innovative systems and operational software to strengthen our customers’ superiority in Space. With a distinguished track record and a spirit of relentless pursuit, we set the pace for progress and execute every mission with the utmost precision.
When you join Auria as a full-time employee, you get many benefits which include:
- Generous PTO package with yearly tenure increases
- Flex time policy providing you the flexibility needed
- 11 Company-Paid Holidays per year
- Up to 4% match on 401(k) employee contributions, employer and employee contributions immediately vested
- Tuition and Certification Fee Assistance
- Low-cost medical plans that include company-sponsored HSA
- No-cost life insurance
- Employee Assistance Program (EAP)
- And much more!
Auria is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, marital status, national origin, age, veteran status, disability, or any other protected class.