Millennium Corporation

RMF Cybersecurity Engineer

Job Locations US | US-SC-Charleston
Posted Date 2 days ago(6/24/2022 3:38 PM)
Job ID
2022-2205

Overview

For nearly two decades, Millennium Corporation has been operating on the leading edge of cybersecurity. Our elite team of more than 400 experts has an unparalleled record of performance supporting Red Team Operations, Defensive Cyber Operations, Software Engineering, and Technical Engineering. With the largest contingent of contracted Red Team operators in the DoD, we provide an unmatched level of threat intelligence and battle-tested experience for customers in both the DoD and federal civilian markets.

What We Believe

We believe that diversity is a fact, inclusion is a choice.  At Millennium Corporation, we are inclusive. We celebrate multiple approaches and different points of view. We strongly believe that diversity drives innovation, and we are building a culture where differences are valued. We are always growing our programs and we offer tools to help our employees grow and manage their careers.

 

Millennium is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. Millennium promotes affirmative action for women, minorities, disabled persons, LGBTQ+ and veterans.

Responsibilities

Millennium Corporation is hiring an RMF Cybersecurity Engineer to work remotely or in the Charleston, SC area. Candidate must have an active Secret Clearance. 

  • Assess the effectiveness of cybersecurity controls IAW NIST SP 800-53A, and effectively document weaknesses
  • Research vulnerabilities originating from various sources, perform risk assessments of vulnerabilities and develop effective written mitigations to reduce felt risk
  • Develop artifacts required to obtain DoD and Navy IATTs, ATOs and Use Case approvals.
  • Use the automated RMF Assessment and Authorizations (A&A) tools, such as eMASS, to complete and document DoD compliant RMF A&A activities.
  • Complete DoD compliant RMF continuous monitoring activities, to include annual control assessments, POA&M monitoring and updates, creation and/or updating of security documentation, and development of mitigations for non-fully compliant controls.
  • Configure, execute scans, and interpret the results of vulnerability scanning tools such as NESSUS.
  • Responsible for meeting Program Increment (~12week) deadlines to implement and enhance team capabilities
  • Execute all efforts in a collaborative and Scaled Agile fashion while adhering to government mandated fixed due dates
  • Work with developers, testers, and other production IT staff to oversee releases and deployments of capability.
  • Foster relationship with platform product teams and their customers
  • Establish and refine Continuous Integration (CI) and automation to create and release regular updates to DevSecOps capabilities quickly and efficiently
  • Support standard Agile ritual meetings (Sprint Planning, Daily Stand-ups, Backlog Grooming, Sprint Reviews and Retrospectives) as necessary and assist Scrum teams
  • Attend and Participate in Periodic Large Scale Agile Planning events.

Qualifications

  • Candidate must have at minimum an active Secret Clearance
  • Bachelor’s degree in Engineering, Physics, Network Security, Computer Science, Information Systems, or a related field.  
  • Have at least 6 years of experience, with 2 years of experience in Risk Management Framework
  • Experience with a range of AWS products  
  • Experience with Redshift; Glue; Nifi; and Oracle highly desired
  • Knowledge and skills required to perform the complete DoD RMF Assessment and Authorization (A&A) process
  • Experience implementing Navy cybersecurity policies, guidance, and standards.
  • Must possess the skills, knowledge, and experience necessary to perform DISA STIG implementation assessments on IT platforms and applications.
  • Have at minimum an 8570 IAT Level II certification such as CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP. 

Business Development

Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

None

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed