Cybersecurity Engineer

Summary

Join Raft, a customer-obsessed small business focused on Distributed Data Systems and Complex Application Development, as a Cybersecurity Engineer. You will support the installation, implementation, troubleshooting, and maintenance of agency cyber controls for the software factory. Responsibilities include designing and managing security controls within the CI/CD pipeline, providing production support, and resolving problems. This role requires 4+ years of relevant experience, expertise in Docker and Kubernetes, and experience with security tooling. You will also need to obtain a CompTIA Security+ or other DoD 8570 IAT Level II or higher certification within 90 days. Raft offers a competitive salary, full healthcare coverage, 401(k) matching, PTO, education benefits, and flexible work options.

Requirements

• 4+ years of relevant hands-on experience
• Experience with Docker and Kubernetes
• Experience with configuring & maintaining security tooling such as vulnerability & compliance scanners, SAST & DAST, EDR, audit logging, etc
• Experience implementing automated validations of RMF controls (e.g., NIST 800-53) in container or VM images
• Experience with securing and hardening Linux virtual machines and containers
• Proven experience in software systems development via CI/CD pipelines (Gitlab Pipelines)
• Understanding of secure network & system architectures, virtualization & cloud technologies, application security, encryption technologies, and IPS/IDS technologies
• Experience with defense-in-depth security engineering and conducting security testing against the environment
• Deep understanding of DevSecOps methodologies & implementing security tooling within CI/CD pipelines
• Familiarity with containerization technologies such as Kubernetes & Docker and related scanning tools such as TwistLock, Trivy, Grype, JFrog Xray, or Anchore
• Experience with AWS cloud security offerings such as CloudTrail, CloudWatch, Inspector, GuardDuty, Shield, Secrets Manager, etc
• Willing to occasionally work in a classified environment such as a Closed Area or SCIF on a quarterly basis
• Obtain CompTIA Security+ or other DoD 8570 IAT Level II or higher certification within the first 90 days of employment with Raft

Responsibilities

• Support the installation, implementation, troubleshooting, and maintenance of agency cyber controls for the software factory
• Assist in designing and managing the security controls within the CI/CD pipeline
• Provide Production Support of the software artifacts and the CI/CD pipeline
• Provide second level problem identification, diagnosis and resolution of problems
• Support the escalation and communication of status to agency management and internal customers
• Further development and definition of cyber performance requirements
• Participating and revising Cybersecurity Procedures documentation in the CI/CD pipeline
• Executing Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and vulnerability scans
• Understanding of on-prem & cloud-based Linux & Windows systems hardening using DISA STIGs & SRGs or other industry best practices
• Fix or mitigate any vulnerabilities and issues identified during development and throughout the Performer's Information Assurance Vulnerability Management (IAVM) process
• Hands-on experience with relevant security documentation such as SBOMs, PPS lists, data flow & network diagrams, and SSPs

Preferred Qualifications

• Familiarity with the NIST RMF or other security/risk frameworks
• Experience with programming languages such as Python, Go, Java, JavaScript, TypeScript, C#
• Implement and improve development and security best practices by building necessary CICD pipeline jobs (Linting, SCA, SAST, Vulnerability scanning)
• Hands-on keyboard experience with AWS Cloud offerings
• Experience with implementing Sigstore and Cosign to sign container images as well as SBOMs
• Experience with hardening application containers
• Proven experience with Istio service mesh
• Certifications such as: CKS or CKA
• AWS Certified Solutions Architect – Associate or Professional
• AWS Certified DevOps Engineer – Associate or Professional
• CCSP

Benefits

• Highly competitive salary
• Fully covered healthcare, dental, and vision coverage
• 401(k) and company match
• Take as you need PTO + 11 paid holidays
• Education & training benefits
• Annual budget for your tech/gadgets needs
• Monthly box of yummy snacks to eat while doing meaningful work
• Remote, hybrid, and flexible work options
• Team off-site in fun places!
• Generous Referral Bonuses