Job Description

The Cybersecurity Architecture and Engineering manager leads a team of engineers that protects SNC using a multi-layered approach to security. You will work with other Cybersecurity teams to work through complex issues, and maintain a high security posture. Communication skills are critical, as there will be continuous communication across the team and business areas. As a defense contractor, knowledge of federal requirements, and implementing controls is a requirement.

As SNC\'s corporate team, we provide the company and its business areas with strategic direction and business support spanning executive management, finance and accounting, operations, human resources, legal, IT, information security, facilities, marketing, and communications.

This role is open to a hybrid schedule

Responsibilities:

• Lead a technical team of security engineers in building, maintaining, and developing SNC\'s cybersecurity protections
• Apply the methods, standards, and approaches for researching, designing, and implementing secure enterprise information technology architecture
• Establish credibility and trusted advisor status with internal customers by developing and maintaining relationships with a variety of cybersecurity, architecture and business stakeholders, IT functional groups, operations, and project managers
• Apply secure system designs, tools, methods, and techniques to design enterprise solutions that optimize enterprise performance while ensuring cybersecurity and privacy principles adhere to organizational requirements
• Responsible for understanding complex business IT needs and managing research, design, solution development, governance, and security oversight of on-premises and cloud computing solutions
• Experience with leading public cloud providers and technologies (Google Cloud Platform, AWS, Azure) and traditional data center technologies as well as modern day application architectures is required
• Integrates with Enterprise Vulnerability Management activities to ensure continuous security monitoring is incorporated into enterprise systems
• Define, prioritize, and safeguard essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event through business continuity and disaster recovery planning
• Optimize enterprise architecture and cloud computing build-outs for cost and performance (VM optimization, reserved instances)
• Identify and oversee improvements to enterprise systems and cloud security configurations
• Recommend, develop, plan, manage, implement, and fully document IT projects
• Identify improvements to IT documentation, network maps, processes/procedures, and tickets
• Knowledge of Cybersecurity Maturity Model Certification (CMMC) and NIST 800-171 requirements
• Provide a Cyber Security and Information Security (INFOSEC) partnership with the business to ensure proper implementation of protections toward current and future projects.
• Collaborate with security and IT staff to define, improve, implement and maintain information security policies, strategies, and procedures. As directed, draft written guides and process reference materials to assist IT team members meet policy and procedural requirements
• Analyze and correlate network artifacts, machine, and event data to develop preliminary outage and/or incident root cause and corresponding remediation strategy by using various data analytics techniques
• Create and Maintain Security Compliance documentation related to DFARS/NIST 800-171 standards: Security Plan, Plan of Action & Milestones (POA&M), Software/Hardware Inventory, Network diagrams, INFOSEC Policies and Procedures, Risk Assessment Report, Security Assessment Plan and Report; Contingency Plan, Incident Response Plan, and Configuration Management
• Lead Enterprise Architecture Engineering and Cybersecurity/IA efforts by establishing or validating the system boundaries in describing Information Systems, their functions, and information types with specific security requirements.
• Capture and refine cybersecurity requirements and ensure that the requirements are effectively integrated into information systems throughout the System Development Life Cycle (SDLC)
• Employ best practices when implementing security requirements within systems including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
• Conduct security control assessments; review the adequacy of the security controls and their ability to protect the system and its information; tailor the security controls to ensure compliance
• Read, interpret, and implement Cybersecurity/IA regulations and requirements; develop and maintain managerial, operational, and technical Cybersecurity/IA skillset

Must Haves:

• Bachelor\'s degree in Cybersecurity, Network Engineering, Information Technology or related Engineering field of study and typically 0 - 4 years of experience managing/ leading a team
• \xe2\x80\xa2 Relevant experience may be considered in lieu of required education
• Knowledge of technical standards relating to systems security; experience administering UNIX, Linux, and Windows operating systems, experience with large-scale server systems, thin client architecture, system virtualization, and other related peripherals
• Experience with A&A requirements as outlined in the NISPOM, RMF for DOD, ICD 503, JSIG & NIST RMF
• Knowledge and experience with a variety of current Microsoft platforms
• Knowledge of data security administration principles, methods, and techniques
• Ability to effectively execute multiple, complex tasks
• Ability to read and interpret security and technical documentation
• Strong interpersonal and written communication skills
• Ability to maintaining confidentiality of high-sensitivity projects and data
• Ability to perform critical-incident response
• Ability to commit to a role that requires shift work Security+ Certification
• The ability to obtain and maintain a Secret U.S. Security Clearance is required. Learn more about the background check process for Security Clearances

Preferred:

• Excellent interpersonal and communication skills to interact effectively with others
• Project/program management experience
• Experience with NIST SP 800-171 control implementation and management Familiarity with CMMC & DFARS compliance
• Certifications: CISSP, CISM, CRISC, CASP, CCNA CCNP, GSEC, GCIH, GDSA, GSLC, GSOM, PMP

At Sierra Nevada Corporation (SNC) we deliver customer-focused technology and best-of-breed integrations in the aerospace and defense sectors. SNC has been honored as one of the most innovative U.S. companies in space, a Tier One Superior Supplier for the U.S. Air Force, and as one of America\xe2\x80\x99s fastest-growing companies.

SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.

SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and .

IMPORTANT NOTICE:

This position requires the ability to obtain and maintain a Secret U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.

At Sierra Nevada Corporation (SNC), our mission is to dream, innovate, inspire and empower the next generation to transform humanity through technology and imagination. As an Equal Opportunity Employer, we welcome our employees to bring their whole selves to their work. SNC is committed to fostering an inclusive, accepting, and diverse environment free of discrimination. Employment decisions are made without regarding to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran or other characteristics protected by law. Contributions to SNC come in many shapes and styles, and we believe diversity in our workforce fosters new and greater ways to dream, innovate, and inspire.

Sierra Nevada Corporation