By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide. 

Cole Engineering Services (CESI), a By Light company, is recognized as a premier provider of modeling and simulation (M&S) training solutions to the Federal Government and industry. Since 2004, CESI has been at the forefront of developing, maintaining, and2052 integrating simulation-based training, serious gaming, technical services, training and other support in live, virtual, constructive, and gaming (LVCG) domains.  CESI also designs, builds and runs infrastructure, platforms, applications and processes that enable cyber training for the integrated multi-domain force. Our vision is to become a worldwide full spectrum LVCG and cyber training/analysis developer, integrator and services provider.

Provide cybersecurity engineering support to DoD software application development activities through cybersecurity requirements definition, process enhancements and application security testing activities

Candidates do not have to be an expert at all but experience in this will be heavily weighted. The ability to understand technologies is required but not on day 1.

• Define cybersecurity requirements for software applications to meet program requirements and objectives.
• Provide recommendations to incorporate security engineering practices throughout the system development lifecycle.
• Perform assessments of cybersecurity requirement compliance using manual and automated software analysis tools and methods.
• Perform assessments using adversarial tools, techniques, and methods against network-enabled applications and web applications to identify weaknesses, gaps, and vulnerabilities.
• Propose mitigation and countermeasures to reduce or eliminate software-level threats.
• Directly interface with the software development team to ensure software security engineering principles are applied throughout the system development lifecycle.
• Must be a self-starter in a fast-paced environment and able to work with a multi-faceted technical team of engineers with a diverse set of skills at differing levels of experience.
• Analyzes real world problems and implements solutions according to corporate and government guidelines, procedures, and industry best practices. 
• Assures system stability, accessibility, and proper configuration of assigned technical systems and components.
• Be sensitive and flexible to the needs and requirements of the customer.

Desired Job Functions: 

• Proactively identify issues within your team and work to mitigate those issues. Bring options to the table – process improvements, tools, training, etc.
• Document and present performance records and results.
• Document problems/issues via Jira based ticketing system/tracking log.   

• Bachelor's Degree in Computer Science, Engineering, Cybersecurity, IT or related field required.
• Professional and / or military experience may be substituted in lieu of degree.
• This position requires certifications necessary to meet IAT II in accordance with DoD 8570.01-M.
• One or more of the following certifications is required immediately of hire:
  
  • GSEC; Security+
  • SSCP
  • Maintaining required continuing education and certification status is required
• Knowledge of or experience with the DoD Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) or similar best practices and security guidelines.
• Experience in software engineering, development and/or systems engineering throughout all phases of the system development lifecycle. 
• Systems administration skills, experience with Linux, security settings, services, hardening of systems (STIGs, security policies); any shell scripting or Python a plus.
• Knowledge of threat assessment and solutions to mitigate or eliminate such threats.
• Experience with offensive security tools and adversarial techniques and methods.
• Experience implementing software application solutions to comply with NIST SP 800-53 security controls.
• Formal technical documentation skills.
• Experience working with Cyber Range Environments
• Ability to respond professionally, effectively, and efficiently to service requests.
• Ability to prioritize multiple tasks, projects, and demands.
• Ability to research and/or implement new technologies.
• Effective interpersonal and communications skills. 
• Interact with vendors/users/customers and developers to understand needs and operational requirements that will impact development and testing activities.
• Examine any relevant change implementation, then report the changes to developers and testers welcoming feedback for future improvements.
• Ability to solve technical problems involving a variety of integrated software and hardware platforms.

• Knowledge of, or experience with managing, provisioning, deploying, and orchestrating infrastructure specifications through Infrastructure as Code (IaC) platforms such as Ansible and/or Terraform.
• Ability to assist others with getting certifications, such as providing guidance, tutelage, sandboxes, or cooperation.

Please note that pursuant to a government contract, this specific position requires U. S. Citizenship status and a Secret security clearance, with an ability to obtain a TS/SCI. Security Clearance requirement will be specified in the Government's Task Order.

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. The above is intended to describe the general contents of and requirements for the performance of this job.

CESI recognizes that our strength is our people. We support every employee as an individual to build strong teams across the enterprise.  Our benefit package includes:

• Medical, Dental & Vision Coverage
• Wellness Program
• 401(k) Matching
• Disability (Short Term & Long Term)
• Employee Assistance Program
• Life Insurance
• Education & Training
• Generous Leave Policy (11 Federal Holidays, PTO, Military Leave, Bereavement and Jury Duty)

CESI is committed to principles of inclusion and equal employment opportunity.  We foster a non-discriminatory, professional work environment for all our teams.  We do not discriminate based on race, color, religion, sex, pregnancy, sexual orientation, gender identity, genetic information, national origin, age, marital status, disability, or veteran status.