• Type: Contract
  • Job #2740

Colorado Springs, CO
Cybersecurity Engineer
Company Overview:
Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government.  Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission.  Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation’s toughest and most secure problems.  If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don’t look any further than Cornerstone Defense.

Cornerstone Defense is looking for a Cybersecurity Engineer in Colorado Springs, CO.

The PTES program is seeking a Cybersecurity Engineer with a strong background in DoD security tools (ACAS, HBSS/ESS, SIEM), Security Configuration (STIG) environments and RMF Policy creation and verification. The engineer will be supporting different cloud computing environments (AWS GovCloud and DoD Cloud) working with teams implementing and verifying security across the program, including testing and assisting with security plans.
The PTES program is developing a new Global Military Satellite Communications (MILSATCOM) Ground System that will manage transmission of protected tactical waveform – a type of secure, anti-jam communication – over Boeing-built Wideband Global SATCOM (WGS) satellites and terminals.

As a member of the PTES team, you will be involved in the entire software development life cycle, from idea creation and development, all the way through to maintenance and support of the customer’s delivered system. These positions will place you in roles where you have the opportunity to make an impact on the results of our project. The PTES team offers a collaborative mentoring environment where you have the opportunity to learn from or lead others.

Position Responsibilities:

  • Integrate security principles into the development and deployment of software/hardware solutions.
  • Ensure continuous monitoring processes are installed and actively controlled.
  • Participate in root cause analysis investigations and incident handling.
  • Establish DevSecOps processes to ensure permissions and configurations are appropriate.
  • Cloud Infrastructure/Cloud Security/DevSecOps: Design, implement, and maintain security solutions/operations for a variety of cloud technologies. Design, implement, and maintain systems to perform scanning of source code, log collection and analysis, and security alerting.
  • Support developers in DevSecOps design, implementation, and maintenance operations to include implementation of service mesh, access control, identity management, and container security.
  • Systems Security: Work with developers to ensure virtual and physical systems are configured securely. Employ operating system and application vulnerability and secure configuration scanners (e.g., Nessus, SCAP Compliance Checker) anti-virus endpoint and management solutions, firewalls, secure DNS, and proxies.
  • Plan and implement automated methods for securing, verifying, and resetting system security. Develop documentation to enable rapid adoption and utilization of standard architectures and to describe system architectures and data flow.
  • Risk Management Framework (RMF): Designs and facilitates implementation of security controls IAW NIST SP 800-53 and SP 800-171. Documents hardware, software, system components, and data flow as required to complete RMF System Security Plans. Develop and maintain training plans, records, and training.
  • Additional duties, as assigned

Basic Qualifications (Required Skills/Experience):

  • Current DoD 8570 IAT Level II Certification.
  • Hands-on Experience with: ACAS ( Nessus/Tenable.sc), STIG Viewer and Compliance (SCC), CIS Control Implementation/checks (SCC or STIG Verify)
  • Management knowledge of Enterprise Security Solutions (HBSS/ESS).
  • RMF Families focused on the Access Control and Auditing areas
  • Security Event Information Manager (SIEM) Splunk ES.
  • Strong understanding and experience with the Risk Management Framework process
  • Strong understanding of NIST SP 800-53 (multiple revisions) and other NIST Special Publications
  • Experience drafting, routing, and finalizing Plan of Actions & Milestones (POA&Ms)
  • Good oral and written communication skills

Preferred Qualifications (Desired Skills/Experience):

  • AWS (Cloud) and MilCloud (Stratus) experience
  • Experience working in DevSecOps environment
  • Penetration testing or vulnerability management experience, with ability to prioritize vulnerabilities for remediation across multiple different project teams from both network, cloud, and software vulnerability sources
  • Recent DoD/USSF cybersecurity expertise, specifically processes for obtaining an ATO
  • Software Security Experience (Code quality scanning tools, static & dynamic code analysis tools) 
  • Hands-on Experience with Splunk and Elasticsearch
  • CI/CD pipeline security expertise:  Kubernetes Security, vCloud, Docker


Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!