Cybersecurity Engineer

December 14

Apply Now

Receive Emails with Similar Jobs

Raft

WebsiteLinkedInAll Job Openings

51 - 200 employees

🤖 Artificial Intelligence

🏛️ Government

☁️ SaaS

Description

• This is a U.S. based position. All of the programs we support require U.S. citizenship to be eligible for employment. All work must be conducted within the continental U.S. • Raft is a customer-obsessed non-traditional small business with a purposeful focus on Distributed Data Systems, Platforms at Scale, and Complex Application Development, with headquarters in McLean, VA. • We’re looking for an experienced Cybersecurity Engineer to support our customers and join our passionate team of high-impact problem solvers. • As a Cybersecurity Engineer, you will support the installation, implementation, troubleshooting, and maintenance of agency cyber controls for the software factory. Assist in designing and managing the security controls within the CI/CD pipeline. Provide Production Support of the software artifacts and the CI/CD pipeline. Provide second level problem identification, diagnosis and resolution of problems. Support the escalation and communication of status to agency management and internal customers. A working knowledge is desirable in various software systems and architectures, and communications protocols.

Requirements

• 4+ years of relevant hands-on experience • Experience with Docker and Kubernetes • Experience with configuring & maintaining security tooling such as vulnerability & compliance scanners, SAST & DAST, EDR, audit logging, etc. • Experience implementing automated validations of RMF controls (e.g., NIST 800-53) in container or VM images • Experience with securing and hardening Linux virtual machines and containers • Proven experience in software systems development via CI/CD pipelines (Gitlab Pipelines) • Understanding of secure network & system architectures, virtualization & cloud technologies, application security, encryption technologies, and IPS/IDS technologies • Experience with defense-in-depth security engineering and conducting security testing against the environment • Deep understanding of DevSecOps methodologies & implementing security tooling within CI/CD pipelines • Familiarity with containerization technologies such as Kubernetes & Docker and related scanning tools such as TwistLock, Trivy, Grype, JFrog Xray, or Anchore • Further development and definition of cyber performance requirements • Participating and revising Cybersecurity Procedures documentation in the CI/CD pipeline • Executing Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and vulnerability scans • Understanding of on-prem & cloud-based Linux & Windows systems hardening using DISA STIGs & SRGs or other industry best practices • Fix or mitigate any vulnerabilities and issues identified during development and throughout the Performer's Information Assurance Vulnerability Management (IAVM) process • Hands-on experience with relevant security documentation such as SBOMs, PPS lists, data flow & network diagrams, and SSPs • Experience with AWS cloud security offerings such as CloudTrail, CloudWatch, Inspector, GuardDuty, Shield, Secrets Manager, etc. • Willing to occasionally work in a classified environment such as a Closed Area or SCIF on a quarterly basis • Obtain CompTIA Security+ or other DoD 8570 IAT Level II or higher certification within the first 90 days of employment with Raft • Highly preferred: Familiarity with the NIST RMF or other security/risk frameworks • Experience with programming languages such as Python, Go, Java, JavaScript, TypeScript, C# • Implement and improve development and security best practices by building necessary CICD pipeline jobs (Linting, SCA, SAST, Vulnerability scanning) • Hands-on keyboard experience with AWS Cloud offerings • Experience with implementing Sigstore and Cosign to sign container images as well as SBOMs • Experience with hardening application containers • Proven experience with Istio service mesh • Certifications such as: CKS or CKA, AWS Certified Solutions Architect – Associate or Professional, AWS Certified DevOps Engineer – Associate or Professional, CCSP

Benefits

• Highly competitive salary • Fully covered healthcare, dental, and vision coverage • 401(k) and company match • Take as you need PTO + 11 paid holidays • Education & training benefits • Annual budget for your tech/gadgets needs • Monthly box of yummy snacks to eat while doing meaningful work • Remote, hybrid, and flexible work options • Team off-site in fun places! • Generous Referral Bonuses • And More!