Product Security Engineer 2

Job Description

Are you an innovative engineer ready to tackle exciting challenges? Whether you specialize in mechanical, electrical, aerospace, or any other field of engineering, TeamGlobal has opportunities that will align with your career goals. We are now actively seeking a Product Security Engineer 2 for an engaging opportunity in St. Charles, MO. Want to learn more? Reach out to one of our dedicated Recruiters, who will share the exciting details about this position and our impressive benefits, including the $10K in free life insurance! Join us at TeamGlobal—where excellence empowers us! Let’s connect and take your career to new heights!

• Role Summary
• In this role, you will serve as a product security engineer responsible for assessing, updating, and maintaining the security posture of program systems. You will work closely with the cyber and compliance teams to identify and remediate vulnerabilities discovered through automated or manual scans. This position requires a detail-oriented individual with strong experience in generating IATT/ATO artifacts and packages, and obtaining the necessary approvals to ensure systems remain compliant and secure.

• Education & Job Requirements
• Bachelor's or Master's of Science degree from an accredited course of study in engineering, computer science, mathematics, physics, or chemistry.
• Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g., Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA).
• Experience using analytical, collaboration, communication, and organizational skills.
• 2 years+ of experience in product security/cybersecurity engineering.
• 2 years+ of experience with industry standard cybersecurity frameworks (NIST, OWASP, DFARS).

• Preferred Skills
• 2 years+ of experience in Windows/RHEL System admin experience, installing, tuning & troubleshooting Cyber Tools to include ESS/HBSS, ConfigOS, Splunk, etc.
• 2 years+ of experience in configuring, running, and scripting audit tools.
• 2 years+ of experience using knowledge of Software Assurance (SwA) static and/or dynamic code analysis (e.g., Fortify).
• Experience with Federal Information Security Management Act (FISMA)/RMF and National Institute of Standards and Technology (NIST) 800-53 requirements.
• Experience leading system and component-level cyber test and evaluation, including threat and security assessments, and tabletop exercises.
• Experienced self-starter with strong written and oral communication skills, and a focus on translating technically complex issues into simple, easy-to-understand concepts.
• Growing understanding of DoD defense systems architectures and communications system concepts, mission, and common system test and data analysis techniques.

• Job Duties/Functions
• Assess organization-wide security and privacy risk and update assessment results on an ongoing basis.
• Perform system analysis and develop system tests for cyber threats, cyber test activities, and the cybersecurity of large-scale events.
• Support and facilitate various ATO/IATT packages, including processing IAVMs and CTOs for the same.
• Perform cyber risk assessments and develop risk mitigation plans (i.e., POA&Ms, SCRM, etc.) using a variety of tools.
• Perform software assurance tasks, including but not limited to software assurance risk reports.
• Ensure product security engineering development lifecycle is followed, with an emphasis on clear requirements development/verification.
• Perform criticality analysis to include the ability to work with suppliers, identify critical components, and integrate them into the overall system.
• Support proposal development efforts, including but not limited to: BOE generation, GR&A development, and trade study analysis.
• Support the engineering installation & analysis of patches and various system updates and upgrades to determine the system consequences of these changes.
• Attend, collect data from, out brief, and facilitate collaboration and project management from various program boards.
• Applying Security Technical Implementation Guides (STIGs).
• Managing and addressing any Cyber Tasking Orders (CTOs) related to the Cyber Tools.
• Documentation and verification of all installation and configuration steps for the labs and operations deliveries.
• Providing feedback to Cyber Leadership and engineers to improve the cybersecurity tools and processes.
• Collaborating with local Information System Security Officers (ISSOs) to ensure compliance with relevant cybersecurity standards and regulations.
• Support cyber threat intelligence activities.
• Support the development and maintenance of cyber scanning, patching, remediation, tools, and applications.
• Support, as required, TEMPEST, DFARS, COMSEC, CNSSI, and other compliance drivers as needed.
• Perform and/or support the development of tools for cyber forensics.
• Develop, define efficiencies, and improvements to tools to improve team productivity.
• Perform system analysis and trade studies to define technical concepts and solutions.