TS/SCI Security Test Engineer

necessary. Applies specific functional knowledge; working/general industry knowledge. Develops or contributes to solutions to a variety of problems of moderate scope and complexity. Works independently with some guidance; may review or guide activities of more junior employees. Bachelors degree and 2-4+ years of directly related experience or Masters degree and 0-2+ years directly related experience. Years of experience may be accepted in lieu of degree for certain roles. Certifications may be accepted in lieu of a degree for certain technical roles.


As a security test engineer on our team, youll work with engineers and developers to evaluate software and systems developed for the Department of Defense. Youll work on building a security test plan with test cases based on Remedy and JIRA change requests. Using automated and manual processes, youll generate data and execute the test cases to see how the software performs against vulnerabilities, then document the results and communicate security risks to the development or engineering teams so they can start improving the software or system. Youll automate continuous security and performance testing and monitor health of the Assured Compliance Assessment Solution (ACAS) and other testing tools. This is an opportunity to leverage your skills by writing the code to automate security processes. Youll also further your experience in engineering secure solutions for the testing team and explore new areas like cloud computing.

· Experience with multiple system environments and preparation of test plans and reports
· Experience with DoD STIGs and network compliance analysis
· Experience with DoD vulnerability management tools ACAS, including Tenables Security Center/Tenable.sc, Nessus Network Monitor/Passive Vulnerability Scanner, Nessus Manager and Agent, and Nessus Scanners
· Knowledge of data security administration principles, methods, and techniques
· Ability to support administration of the test networks and systems that use VMware and operating systems including Windows and Linux
DoD 8570.01 IAT II compliant Certification

· Experience with technical writing on POA&Ms, Risk Acceptance, and IA Controls
· Knowledge of DoD policies and procedures, including DoD Risk Management Framework, ICD-503, and NIST 800-53
· Ability to learn new tools and technologies, balance multiple concurrent activities, and manage time efficiently
· Possession of excellent verbal and written communication skills
· Python or Java to automate
Security+ Certification a plus

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.