Job Type

Full-time

Description

About Millennial Software:

Millennial Software is revolutionizing the landscape of security and defense by leveraging our core competencies in software development, automation, DevSecOps, and machine learning.

We are an employee-owned company, every employee receive equity in the company 100% company-paid medical, dental, and vision premiums for you and all dependents Ability to get increased salary if you don't need medical/dental/vision 100% company-paid disability and life insurance benefits 15% 401(k) company contribution 30 days of PTO/holidays Generous training budget Paid Paternal and Maternal Leave Business development / growth incentives Top notch company swag Millennial Software is looking for a self-starting, team-oriented Mid to Senior level Engineer to join our dynamic development team in supporting a Government customer.

Technical Tasks/Requirements: Reviewing Audit logs and creating mitigation and corrective action plans. Working with development teams to create, maintain, and monitor data connections, NPE security certificates, firewall connection requests. Applying cloud, network, and security best practices to ensure that all requests meet the application goals while minimizing security risk. Work with platforms teams to implement DevSecOps process maintained in Linux/Cloud based development environment. Applying best practices and processes to capture, refine, and assist in the prioritization of requirements based on risk, engineering principles, and mission requirements. Providing enhanced security architectures, development tools, and information systems to facilitate secure missions. Information System Owners (ISOs) guidance, requirements understanding, and options to support technical security engineering. Capability based security analysis of system security architectures, identifies vulnerabilities, and provides suggested mitigation alternatives. Participates in design, development, and implementation of information systems to ensure these systems are in compliance with required security features and safeguards. Security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Evaluates scan results and works with system developers and system administrators to eliminate or mitigate findings. Generates certification and accreditation (C&A) documentation and artifacts (i.e.. System Security Plans, Network Interface Planning Documents, etc.) for import / upload to the SNOW tool. Proposes categorization of information systems based on types of information processed, in conjunction with DAO Representatives and ISOs. Coordinates with appropriate Security Control Assessors (SCAs) early in engineering design phase for ongoing coordination, understating in development and application of security controls, and security tradeoffs and other decisions. Requirements

Minimum Skills Required: An active TS/SCI clearance with CI Poly Bachelor's degree in information systems, systems engineering, electrical engineering, information technology, or related field 5+ years of relevant experience (or 7+ years without related degree) Understanding of engineering in development and operational environment Understanding of IA principle and organizational requirements Experience with DOD/IC System Security control requirements Understanding of information security systems engineering principles and IT security technologies (e.g. firewalls, encryption, proxies) Experience with security control testing and demonstration. Certification and/or experience with Amazon Web Services Familiarity with implementing configuration management tools (e.g., Ansible, Puppet, Chef) to enforce security policies. Ability to integrate security requirements into the design and development of systems. Familiarity with implementing security controls in cloud based environment and development environments. Experience working with system administrators, developers, and systems engineers to continually monitor and ensure system compliance. Strong Communication skills Familiarity with developing and maintaining system security documentation Enthusiastic & energetic performer able to work in a dynamic, fast-paced, & high visibility environment Self-motivated and capable of performing tasks with minimal oversight Team player incorporating a team based success philosophy Current Security+, CISSP, or equivalent DOD 8570 IAT 2/3 certification Proficient with troubleshooting and implementation in a command-line Linux environment. Preferred Skills: Hands-on experience with security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), encryption technologies, cross domain solutions, and vulnerability management tools. Experience with microservice architectures (Rancher, Kubernetes, etc.) and knowledgeable with setup, maintenance, and ongoing support for such environments Strong understanding of IAM concepts and technologies, including role-based access control (RBAC), single sign-on (SSO), and multi-factor authentication (MFA). Experience with configuration of IAM solutions such as Active Directory, LDAP, and cloud-based IAM services. Experience with configuration of security information and event management (SIEM) systems, such as Splunk, ArcSight, or ELK stack. Proficiency in network protocols and secure network design in AWS or similar cloud environments. Familiarity with SNOW tool Proficient in implementing/using security tools for penetration testing, vulnerability assessments, and security audits. Knowledge or desire to learn Container Security, orchestration, continuous monitoring, auditing, etc.

Salary Description

$94,000 - $198,000