Cyber Security Engineer

BDR Solutions, LLC (BDR) supports the U.S. Federal Government in successfully achieving their mission and goals. Our service and solution delivery start with understanding each client's end-state and then seamlessly integrating within each Agency's organization to improve and enhance business and technical operations and deployments.

BDR is seeking a Cyber Security Engineer to join our growing team! This position is primarily remote with travel as requested. It requires availability during EST business hours. US Citizenship is required with Secret Security Clearance or the ability to obtain one.

Role Overview:

The Cyber Security Engineer will safeguard the Theater Blood (TBLD) application by embedding cybersecurity across its lifecycle — from design and development through fielding and sustainment. This role is responsible for ensuring the system complies with DoD Risk Management Framework (RMF), achieves and maintains Authority to Operate (ATO), and delivers secure, resilient, and compliant solutions that can operate in Denied, Degraded, Intermittent, and Limited (DDIL) environments. The engineer will work closely with architects, developers, and mission stakeholders to implement Zero Trust principles, automated security testing, and DevSecOps-aligned security practices.

The position is primarily remote with travel as requested. It requires availability during EST business hours. This position requires US Citizenship with SECRET Security Clearance or the ability to obtain one.

(Military Veterans and HUBZone candidates are highly encouraged to apply)

Responsibilities and Duties (Included but not limited to):

· Design, implement, and validate security controls within the TBLD system architecture

· Apply Zero Trust principles, identity/access management, and encryption strategies to protect sensitive medical and logistics data.

· Engineer solutions for cyber resilience in distributed and DDIL environments.

· Support RMF activities, including security categorization, control selection, control implementation, and assessment.

· Prepare and maintain documentation for accreditation packages to achieve/renew ATO.

· Ensure alignment with DoD cybersecurity policies, DISA STIGs, and DHA directives.

· Integrate static/dynamic code analysis, container scanning, and security gates into CI/CD pipelines.

· Collaborate with developers to enforce secure coding standards and remediate vulnerabilities.

· Automate security testing wherever possible to improve speed and accuracy of compliance.

· Implement system monitoring, logging, and anomaly detection to identify and mitigate threats.

· Coordinate incident response and vulnerability remediation with program and DHA security teams.

· Provide Tier 3 cybersecurity reach-back support for deployed systems.

· Advise program leadership and product owners on cyber risks and mitigations.

· Contribute to security-related training documentation and user awareness materials.

Requirements:

· Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related field; Master’s preferred.

· 5+ years of cybersecurity engineering experience, preferably in defense, healthcare, or mission-critical IT.

· Deep knowledge of DoD RMF, NIST SP 800-53, DISA STIGs, and cyber accreditation processes.

· Proficiency with security tools (e.g., Nessus, Fortify, SonarQube, Splunk, ACAS, HBSS).

· Experience with container and cloud security (Kubernetes, Docker, AWS/Azure/DoD CloudOne).

· Strong background in secure coding practices, PKI, IAM, and vulnerability management.

· Familiarity with automated testing and CI/CD toolchains (Jenkins, GitLab, GitHub Actions).

· Ability to collaborate across cross-functional teams, including IT, clinical, administrator and vendor stakeholders.

· Must be eligible to work in the United States without sponsorship due to clearance requirement.

· Ability to obtain secret security clearance required; TS/SCI preferred

Preferred Qualifications and Core Competencies:

· Active Secret security clearance

· Prior experience supporting DHA, JOMIS, or DoD healthcare IT programs.

· Knowledge of DDIL environment security challenges and distributed system hardening.

In addition, U.S Citizenship is required. Select applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information and be able to obtain a government-granted security clearance. Individuals may also be subject to a background investigation including, but not limited to criminal history, employment and education verification, drug testing, and creditworthiness.

BDR is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, marital status, disability, veteran status, sexual orientation, or genetic information.