Cyber Security Engineer

OverviewA Rampant Technologies Cybersecurity Engineer (CSE) is a key resource on the Rampant team reporting to the Principal Engineer overseeing the CSE team to deliver innovative Cyber Security solutions aligned with the company’s goals. The CSE is a subject-matter expert on problem identification, diagnosis, and resolution, and develops best practices for processes and standards to improve the system.ResponsibilitiesPerform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and apply configuration updates to comply with security requirements.Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones.Hardening of operations systems, COTS and open-source products.Validate best practices in penetration testing, configuration analysis, and security assessments.Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing; generate and maintain security accreditation artifacts associated with the RMF process, including Security Requirements Traceability Matrix, and perform timely updates in the accreditation database.Provide technical guidance focused on information security architecture.Key Skills, Education & ExperienceMinimum eight (3) years’ relevant experience as a Cybersecurity Engineer in programs and contracts of similar scope, type, and complexity; ideally three (3+) years of direct experience in the same role.Techno-functional knowledge of/experience with:Execution of the A&A process in accordance with government requirements (e.g., ICD-503).Information systems security and continuous monitoring practices and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and related assessment tegrity, availability, authentication, and non-repudiation concepts; IT security principles and methods (firewalls, DMZs, encryption).Network access and identity management (e.g., PKI); security system design tools and techniques.Knowledge of DoD/IC system security control requirements and relevant laws, policies, and governance related to critical infrastructure.Management best practices for Windows and Linux OS, known vulnerabilities, and continuous monitoring per NIST SP 800-137 with automation where applicable.Virtualization technologies (e.g., VMware, Docker); OSI model understanding and network protocol knowledge.Ability to apply DoD/IC security controls, XACTA and SNOW tools, and security testing tools (including ACAS).Proficiency with Microsoft Office Suite (e.g., Project, Visio).Certifications and ClearanceActive TS/SCI w/ Poly clearance required; certification compliant with DoD 8570 IAM or IAT level 3, or obtain certification within 6 months of hire and maintain it during employment.IAT Level II Certifications (Security+ or equivalent). #J-18808-Ljbffr

Created: 2025-09-21