Cyber Engineer I REF557B

Under the direct supervision and mentorship of members of the Cyber Security Engineering Staff, the Cyber Engineer undertakes a variety of activities and assigned projects at varying levels of professional complexity requiring knowledge within an area of specialty and/or engineering degree.

The Cyber Engineer works as a member of the Engineering team in support of contracted tasks focusing on the integration of cybersecurity requirements into the full system lifecycle of Elbit Systems of America’s products. The candidate shall gain experience developing Risk Management Framework (RMF) artifacts and shall understand system categorization and deduce NIST, DoD, CNSSI, and NSTSSM regulations into product cybersecurity requirements. The candidate shall gain experience with NIST 800-53 and CNSSI 1253 security controls, security hardening of products, deriving and managing security requirements, risk management, technical planning, threat and vulnerability assessments, systems-level design, systems integration, verification, and validation including security testing and evaluation, and supportability and effectiveness analyses for the total systems.  This candidate will interact directly with multidiscipline professionals in the planning and implementation of assigned projects.

• You will perform various duties related to the day-to-day operations of the Cyber Security Engineering team, including:
• Be a part of a program cybersecurity risk mitigation effort using the Risk Management Framework (RMF)
• Evaluate new and existing systems and architects the software, firmware, and hardware requirements from a system engineering perspective
• Participate in development efforts to ensure cybersecurity controls are integrated to meet platform security posture and the Department of Defense (DoD) Authorizing Officials program requirements such as Authority to Connect (ATC), Authority to Operate (ATO), and Authority to Test (ATT).
• Participate in the formal Security Test and Evaluation process required by each government acceptance and approval authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports
• Perform product security reviews with the ability to communicate issues and risks in business terms and make recommendations that balance risk/reward tradeoffs
• Recommend cybersecurity defense and countermeasures for avionics product designs
• Research, evaluate, and assess emerging cyber security threats and technologies
• Evaluate and test new cybersecurity tools and capabilities such as but not limited to vulnerability management, Security Information and Event Management (SIEM), Network Management Systems (NMS), Incident Responses, Disaster Recovery, and Security Operations.
• You may also conduct research and prepare reports based on findings, to include recommendations or alternative proposals for action.