Product Cybersecurity Lead

Employer
SciTec
Location
Boulder, Colorado
Posted
Apr 16, 2024
Closes
Apr 17, 2024
Ref
2748090021
Position Type
Manager / Leader
Hours
Full Time
Organization Type
Corporate, Other Corporate
SciTec has been awarded multiple government contracts and is growing our creative Team! SciTec, Inc. is a dynamic small business with the mission to deliver advanced sensor data processing technologies and scientific instrumentation capabilities in support of National Security and Defense. We support customers throughout the Department of Defense and U.S. Government in building innovative new tools to deliver unique world-class data exploitation capabilities.

SciTec has an immediate opportunity for a talented Product Cybersecurity Lead in our Boulder, CO office supporting the development of next-generation missile warning systems. The Product Cybersecurity Lead will lead a team responsible for ensuring the security of an advanced data processing system and demonstrating the security of this system through customer accreditation processes.

Responsibilities

Evaluating customer cybersecurity requirements and identifying technical and procedural measures to address those requirements.
Leading a team of employees and contractors to implement, document, and validate cybersecurity controls.
Providing input to software product design to improve product hardening
Analysis of emerging advanced cybersecurity threats and the development of countermeasures to ensure product robustness against sophisticated adversaries.
Management and enhancement of a secure software development lifecycle process to deliver high-assurance software.
Coordination and communication between program management, software development teams, and customer representatives to integrate cybersecurity with the overall program development effort.
Identification and implementation of opportunities for improvements to the software development lifecycle and to supporting DevSecOps technologies.
Other duties as assigned

Requirements

A Bachelor's degree in the cybersecurity, physical sciences, engineering, or computer science or equivalent experience
Ten years of experience in any combination of cybersecurity, software development, computer science, or engineering. At least five of these years must specifically be in the cybersecurity.
Candidate must have an active SECRET DoD or DoE security clearance.
Candidate must have an active CompTIA Security+ CE certification, or an alternate qualifying certification satisfying DoD 8570.01M Information Assurance Level II training requirements. Certifications for higher levels of DoD 8570.01M training are acceptable substitutes.
Detail oriented
Good verbal and written communication skills

Beyond these minimum qualifications, SciTec is actively seeking and will prefer candidates who have any combination the following skills and qualifications:

Candidates will be strongly preferred who familiarity with continuous ATO processes.
Candidates will be strongly preferred who have an active TOP SECRET SCI clearance.
Candidates will be strongly preferred who have a CISSP or CISSP Associate certification, or an alternate qualifying certification satisfying DoD 8570.01M Information Assurance Technician Level III or Information Assurance Manager Level II requirements.
Candidates will be preferred who have experience with the preparation of RMF accreditation packages, including familiarity with eMASS. Specific familiarity with NIST 800-53 and CNSS 1253 is a plus.
Candidates will be preferred who can demonstrate prior experience in using threat modeling to develop a prioritized set of security controls to defend an information system. Familiarity with the MITRE ATT&CK framework is a plus.
Candidates will be preferred who have experience in managing a high-assurance software development lifecycle and using DevSecOps tools and techniques to support software engineering. Familiarity with common application exploitation mechanisms and corresponding defenses is a plus.
Candidates will be preferred who have bachelors or graduate degrees in cybersecurity, computer science, computer engineering, or related fields.
Candidates will be preferred who have domain experience in remote sensing applications
Candidates will be preferred who have experience with Agile software development methods
Candidates will be preferred who have experience with project management, particularly familiarity with EVM processes.

Resumes, Cover Letters, and Applications which are generated by AI will not be considered for employment.

Benefits

SciTec offers a highly competitive salary and benefits package, including:

Employee Stock Ownership Plan (ESOP)
3% Fully Vested Company 401K Contribution (no employee contribution required)
100% company paid HSA Medical insurance, with a choice of 2 buy-up options
80% company paid Dental insurance
100% company paid Vision insurance
100% company paid Life insurance
100% company paid Long-term Disability insurance
100% company paid Hospital Indemnity insurance
Voluntary Accident and Critical Illness insurance
Short-term Disability insurance
Annual Profit-Sharing Plan
Discretionary Performance Bonus
Paid Parental Leave
Generous Paid Time Off, including Holiday, Vacation, and Sick Pay
Flexible Work Hours

The pay range for this position is $163,000 - $227,000 / year. SciTec considers several factors when extending an offer of employment, including but not limited to the role and associated responsibilities, a candidate's work experience, education/training, and key skills. This is not a guarantee of compensation.

SciTec is committed to hiring and retaining a diverse workforce and is proud to be an Equal Opportunity/Affirmative Action employer.