United Technologies Corporation Jobs

UTC logo

Job Information

United Technologies Corporation Senior Software Engineer - Cybersecurity in Sterling, Virginia

Job ID: 01342904

City: Sterling

State: Virginia

Country: United States

Category: Engineering

Job Type: Full Time

Description:

Date Posted:

2019-08-08-07:00

Country:

United States of America

Location:

HVA34: Sterling, VA 22640 Davis Dr , Sterling, VA, 20164-7104 USA

Sr. Software Engineer - Mission Systems - Cybersecurity

This software engineering position is within the Simulation & Training Solutions (STS) business area. STS develops and builds simulators and training systems for both military and commercial customers. Devices range in complexity from desktop training all the way up to high fidelity weapon system and full-flight training systems including full visual, motion, and simulator interoperability (HLA/DIS).

Responsibilities:

  • In close coordination with the training system’s lead architect and design engineers, design, implement and test the Risk Management Framework (RMF) infrastructure for the training system.

  • To support Risk Management Framework (RMF) Configuration Management

  • Monitoring networks and systems for security incidents and intrusions

  • Provides weekly audits of systems related to network and system logging and monitoring-

  • May perform web application penetration testing and vulnerability assessments for security improvements

  • To support Risk Management Framework (RMF) Assessment and Authorization

  • Performs Information Assurance (IA) administration conducting certification and accreditation of systems using the RMF process

  • Provides DoD Policies/Instructions, STIG, and IAVA guidance, implementation, and analysis

  • Provides security services in consultant role to internal and external customers

  • Demonstrate knowledge and proficiency using IA scan tools such as Nessus (ACAS) and IA tools such as HBSS to ensure secure systems

  • Windows and Unix systems administration

  • To support RMF System and Communications Protection

  • Designs and conducts regular audits of computer systems to determine that they are operating securely and that data is protected from both internal and external attack

  • Assesses assigned system to determine system security status and ensures adherence to security policy, procedures and standards

  • Performs technical cybersecurity with applications. Familiarity with tools such as SNORT, SIEM, AlienVault/OSSIM, Splunk, IDS’s, Tripwire, Web application firewalls, syslog, NMAP, VMware, Redhat, Apache/Tomcat, Cisco ASAS Devices, and Wireshark

  • Monitors, evaluates, and maintains complex security systems according to industry best practices to safeguard internal information systems and databases

  • To support Risk Management Framework (RMF) Incident Response

  • Reviews security requirements and subsequently reviews systems to determine if they have been designed and established to comply with established standards

  • Conducts investigations of security violations and breaches and recommends solutions; prepares reports on intrusions as necessary and provides analysis summary to management

  • Responds to queries and requests for computer security information and reports from both internal and external customers

  • To support Risk Management Framework (RMF) Planning

  • Provides technical consultation on tasks; provides leadership and work guidance to less experienced personnel

  • Provides recommendations of product for upgrades, patches and other general security measures in order to better secure systems for various clients. Troubleshooting and managing incidents and issues related to a custom application environment

Basic Requirements:

  • US citizenship is required for this position

  • 5 or more years of experience in computer science, management information systems, or data security experience

  • Certification for DoD IAM 8570 compliance, Certified Information Systems Security Professional (CISSP)

  • DIACAP/RMF process and implementation experience,

  • Clear understanding of DODI 8500, DODI 8510, DODI 8570.01M, NIST 800-53Rev 4

  • Experience with information assurance, including accreditation security testing and evaluation

  • Have a broad knowledge of security methodologies, solutions and best practices

  • Advanced understanding of the strengths and weaknesses of DISA STIGs

  • Be comfortable using, configuring, troubleshooting, and administering both Linux and Microsoft operating systems. Experience with Virtualization technologies such as Hyper-V and VMware

  • Candidate should have a solid understanding of security guidelines published by the National Institute of Standards (SP 800-53A rev4/FIPS200, SP800-171, FIPS 199/SP800-60, SP800-37, and other SP800 series as necessary)

  • Experience with Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS), DISA STIG’s, and other DoD approved vulnerability scanning assessment tools

  • Experience remediating SCAP and ACAS scan results

  • Experience administering and managing the Host Based Security System (HBSS)

  • Experience administering and managing Cisco switches and Intrusion Protection Systems (IPS)

  • Experience administering and managing Windows Active Directory, Group Policy Objects and DNS

Desirable Skills:

  • Ability to code

  • C++ Powershell

  • Linux command shells,

  • Computer Networking experience

  • Ability to document work and RMF controls

  • Multilevel Security experience

Clearance: Active Secret

Ability to obtain a DOD Secret or above clearance. Applicants selected will be subject to an additional security investigation (above clearance) and will need to meet eligibility requirements for access to classified information. To comply with U.S. export laws and regulations, this position may only employ "U.S. Persons" as defined by the International Traffic in Arms Regulations (ITAR) (22 CFR 126.1) https://www.pmddtc.state.gov/embargoed_countries/. All applicants and employees may be subject to random drug testing in accordance with Executive Order 12564. Employment is contingent upon successful completion of a security background investigation.

United Technologies Corporation is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms

Qualification:

United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.

Thank you for your interest in a career at United Technologies! We will soon upgrade to an improved job application system to simplify the apply experience. You will still be able to apply to any of our current job openings through December 18, 2018. On January 2, 2019, our new and improved job application system will launch; please check back on that date to see all of our job openings.

DirectEmployers