Home / Jobs

Lucid Technologies Inc

The Logical Solutions

Cyber Security Specialist III
Job Title: IT - Cyber Security Specialist III
Location work will be performed: Merrifield, VA – Remote work will be considered but some Onsite support is required

Job Description: Cyber Security Engineer III - Mail Processing Equipment and Material Handling Equipment (MPE/MPH)

The resource shall provide the expertise to build upon existing client capabilities to support software and system security tasks as follows:
1. MPE/MHE System and Software Security
2. Security Assessments and Patch Management 
3. Network Traffic Management

Qualified candidates will augment the ES Security Team to evaluate, analyze, plan, test, and provide support for the objectives described in this Section.

1. MPE/MHE System and Software Security
There are approximately 250 MPE/MHE systems that ES supports. Changes to existing systems range from software maintenance releases to large-scale mechanical and software updates (Tech Refresh programs). Also included are newly acquired MPE/MHE systems. Cyber security standards are developed and modified by Chief Information Security Office (CISO) and ES and are the requirements to which the MPE/MHE systems must follow.

This objective describes the work that will be performed with client ES management, system owners, and software teams to achieve cyber security design and verification goals for maintenance releases, tech refreshes, and new system acquisitions:
  • Support MPE/MHE system owners and development teams in cyber security architecture reviews including initial designs, documentation, and testing. To help in this effort, the Team shall:
  • Create a golden standard for each platform;
  • Develop and maintain reference systems;
  • Maintain centralized libraries for scripts, fixlets, and software to implement patches and security features, leveraging the BigFix software suite;
  • Develop documentation – standards, test cases, requirements;
  • Implement a Secure Coding process within the ES MPE/MHE DevSecOps software development process;
  • Perform MPE/MHE vulnerability scans;
  • Work with MPE/MHE teams on identifying timelines for remediating vulnerabilities, upgrading legacy operating systems (OS) and database applications, and implementing system changes according to new security standards on Production systems;
  • Coordination of cyber security tasks with program office and engineering managers on new MPE/MHE systems, including architecture and technology assessments, and validating implementation of security requirements through test phases and security reviews.

Deliverables/Expectations
Deliverable: Technical reports, assessments, presentations, schedules, and other written artifacts that deliver results of cyber security analysis and recommendations based on CISO and ES standards
Expectation: Attend MPE/MHE team meetings and develop documentation in support of legacy and new MPE/MHE

Deliverable: Support to MPE/MHE teams to design and verify cyber security requirements on Production systems
Expectation: Approximately 70 releases/year

Deliverable: Review and provide analysis of security requirements for new MPE/MHE
Expectation: Approximately 5 programs/year

Deliverable: Update the Software Security Statement of Work, as required and if there are changes in standards or applications to new environments (e.g., Artificial Intelligence, Machine Learning)
Expectation: Approximately 2 updates/year

2. Security Assessments and Patch Management
The ES Security Team, and selected resources, will:
  • Develop best practices for cyber security and patch updates on legacy MPE/MHE systems and network designs. ES uses the HCL BigFix application to monitor, report, and install patch updates;
  • Maintain ES security patch processes and documentation; ES uses the MicroFocus Solutions Business Manager (SBM) application to manage the patch process and deliverables;
  • Using the ES security applications, BigFix and Forescout, and the Mail Processing Inventory Repository (MPIR) data, provide MPE/MHE patch and vulnerability reports to assist MPE/MHE development teams in planning and implementing software upgrades for required security patches;
  • Analyze and provide recommendations to remediate MPE/MHE vulnerabilities and responses to Enterprise Cyber Risk Management System (ECRMS) risk assessments;
  • Provide recommendations to ES management to improve the patch process and the applications used to assign, verify, and install patch releases.
Deliverables/Expectations
Deliverable: Vulnerability reports, assessments, develop process and training documents, and other written artifacts that deliver results of analysis and recommendations
Expectation: Work with MPE/MHE teams in support of patch updates on MPE/MHE

Deliverable: Creation of a MPE/MHE system architecture review process to verify adherence to systems security standards during design phase
Expectation: Review/revise the existing software security requirements

Deliverable: Assess and provide recommendations as needed to improve the ES patch process and associated reports.
Expectation: Learn and use the tools that manage the process; assist in implementing improvements

Deliverable: Work with MPE/MHE teams during cyber security assessments and remediation of issues found during the assessments.
Expectation: Approximately 40 releases/year

3. Network Traffic Management
The ES Network Management Team, and selected resources, will:
  • Update Mail Processing repository and other records accordingly to ensure accurate profiling for network controls;
  • Validate MPE/MHE MPNACS policies and rule changes;
  • Maintain detailed network connectivity requirements for each system;
  • MPE/MHE RFC 1918 administration and changes;
  • Development and installation of jump servers at each site for secure access to MPE/MHE.
Deliverables/Expectations
Deliverable: Maintaining MPE/MHE configurations in the ES MPIR based on meetings with teams and other written artifacts that deliver results of analysis and recommendations
Expectation: Update the network data in MPIR using MPNACS data and from system owners

Deliverable: Create and maintain MPNACS policies and rules for all MPE/MHE systems.
Expectation: Update Access Control list as required

Deliverable: Define requirements for and coordinate installation of servers to support remote access to MPE/MHE
Expectation: Develop requirements based on current usage and Stakeholder needs

EXPERIENCE LEVEL:  
  • 5-7+ years of solid, diverse experience in cyber security vulnerability 
  • 5-7+ assessments, or equivalent combination of education and work 
  • 5-7+ experience years of ethical hacking experience including experience in Information Security, application vulnerability testing, code-level security auditing, and secure code reviews years Comprehensive understanding of change management techniques associated with new technology implementation.
  • 5-7+ years demonstrating leadership ability
EDUCATION:  
  • Bachelor’s degree in a technical specialty such as cyber security, computer science, management information systems or related IT field (Master's Degree Preferred)
CERTIFICATIONS: (One or more required)
  • CISSP, CISM, SABSA, GIAC
Additional Provisions:
  • Must be able to obtain a Position of Public Trust Clearance 
  • Pass both a client mandated clearance process to include drug screening, criminal history check and credit check.
  • Once candidate’s resume is approved and interview passed, the agency is responsible for providing drug screening. 
  • Failure to submit the drug screening results will delay the security clearance process.
  • If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
  • All candidates must be a US Citizen, or have permanent residence status (Green Card).
  • Candidate must have lived in the United States for the past 5 years.
  • Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
  • All overtime must be pre-approved in writing by the client manager or his/her designated representative.
  • Agency will not be reimbursed for overtime charges without previous written authorization. 
  • Authorized overtime will be reimbursed at straight time.


Thanks & Regards, 
Ravi Rajbhar
US IT Recruiter 
Lucid Technologies Inc 
E: Ravi.r@lucidtechinc.com
C: +1 214-385-4144 Ext:209
W: www.LucidTechINC.com