Senior Cyber Engineer (A&A Focused, TS/SCI Required)
USA Remote, United States
Intelligent. Dynamic. Resilient.
Everfox, formerly Forcepoint Federal, has been defending the world’s most critical data and networks against the most complex cyber threats imaginable for more than 25 years. As trailblazers in defense-grade, high assurance cyber security, we have been leading the way in developing and delivering innovative cyber security technology. We protect data wherever it resides. Our unwavering dedication and commitment to our customers and the critical missions they serve are what set us apart. We are dynamic, vigilant, and proactive in everything we do. Our suite of cross domain, threat protection and insider risk solutions empower governments and enterprise organizations to use data safely - where and however their people need it. At Everfox, we innovate, we invest, we achieve. We protect what matters most to our customers. And we offer protection like no other. We do all of this so our customers can focus on what matters most… their mission.
Job Title: Senior Cyber Engineer
Location: Roamer 50% remote/50% onsite (Washington, DC area)
What You'll be Doing:
Many job listings provide a wide range of confusing and often vague terms. Here at Everfox we take a different approach by spelling out the key things you’ll be responsible for:
Work with multiple Everfox engineering and development teams to ensure ATO (Authorization to Operate) is granted and maintained for Everfox’s proprietary HW/SW platform and products
Conduct regular vulnerability scans of Everfox’s proprietary HW/SW platform and maintain results for professional services (PS) access
Research identified/theoretical vulnerabilities in Everfox products’ underlying software libraries
Work with Everfox development teams to maintain and update STIG .CKLs and related documentation
Collaborate with Everfox development to identify new or evolving compliance requirements that could drive future product changes
Support customer A&A/compliance efforts, coordinating with ISSOs/ISSMs as needed
Following an initial training period, expect approximately 60% of your time to be onsite at customer locations, primarily in the National Capital Region
Identify assessment requirements
Assist in creating artifacts and evidence for audits, and assist in responding to controls or to feedback from the AO and/or intermediate entities in system records (eMASS, Xacta)
Provide on-site assessment support and answer product-related compliance questions; support customers during assessments/audits and help address compliance concerns
Other duties pertinent to company and customer success as assigned
Things You Must Have to Apply:
An active (currently in use) TS/SCI w/CI poly
A collaborative, team player approach to your work
The ability to obtain the appropriate work authorizations that may be required under U.S. ITAR or EAR regulations from the applicable U.S. government agency.
4+ years’ experience in Information Assurance positions performing the following tasks:
Reviewing, applying, and remediating security vulnerabilities or implementing security controls based on STIG guidance or scanning reports.
Expert knowledge of NIST compliance
Expert knowledge of working through A&A efforts leading up to the process of obtaining an ATO. Experience working with customers or stakeholders within an organization to achieve.
Expert knowledge and experience in A&A with DCID 6/3/ICD-503
Strong knowledge and experience with NIST 800-53 Rev 4 and Rev 5 and associated security controls implementation and verification
Strong demonstrated experience in understanding and applying principles of Risk Management Framework (RMF) to operations and tasks.
Tools for continuous monitoring, XACTA, Risk Vision.
Strong communication skills including verbal and written; Word, PowerPoint, Excel, Visio, Project, and other tools to communicate with peers and customers at all technical levels.
Experience with System Security Plans, Security Compliance Traceability Matrix, Security Test Plans, Plan of Action & Milestones
Scanning systems and assisting the team in remediating vulnerabilities
Experience ensuring systems comply with key government security requirements and demonstrate that through verification testing with government security stakeholders.
Things That Would Be Nice To Have:
IT security training in various disciplines.
Bachelor's or Master's degree in IA/Cyber Security/Computer Science.
Experience working in cloud environments such as AWS, Azure, GovCloud, or Google Cloud.
A reasonable estimate of the base salary range for this role is:
$129,029.52-187,530.72 USD
The actual salary offered may vary within the range based on a candidate's unique experience, locale, and business needs. In addition to a base salary and bonus plans, Everfox offers a generous benefits package including flexible PTO, a 401k match, and contribution to healthcare coverages. Our talent acquisition team will provide specific information regarding bonus eligibility and benefits offerings.
________________________________________________________________
Don’t meet every single qualification? Studies show people are hesitant to apply if they don’t meet all requirements listed in a job posting. If there is something slightly different about your previous experience, but it otherwise aligns and you’re excited about this role, we encourage you to apply. You could be a great candidate for this or other roles on our team.
The policy of Everfox is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by sending an email to HR@everfox.com
Everfox is a Federal Contractor. Certain positions with Everfox require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.
Applicants must have the right to work in the location to which they have applied.