Senior Cybersecurity Engineer

BCMC is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. We are seeking a Senior Cybersecurity Engineer (Controls & Assessment Lead) to support this critical customer mission.

The Senior Cybersecurity Engineer will lead security controls implementation and risk assessment activities for technology integration initiatives. This role ensures all pilot and production integrations meet federal security requirements, maintain compliance frameworks, and align with CISA's risk reduction priorities while enabling innovation and modernization.

Responsibilities:
- Lead security controls assessment and implementation for technology integration pilots
- Establish risk frameworks for pilot design and execution activities
- Ensure compliance with federal security requirements (NIST, FISMA, FedRAMP)
- Conduct security assessments of proposed technology insertions
- Define security boundaries and controls for pilot environments
- Coordinate with RMF and security teams on authorization activities
- Ensure pilots maintain security posture and avoid becoming security liabilities
- Assess security readiness for scaling pilots into production
- Develop security metrics for measuring pilot and production outcomes
- Lead security governance review processes and decision points
- Ensure alignment with CISA Zero Trust Strategy and security architecture
- Conduct risk assessments for technology insertions across federated environments
- Support continuous monitoring and security validation of integrated capabilities
- Provide security guidance to development and operations teams
- Document security controls, procedures, and compliance evidence

Required Skills/Clearances:
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 10+ years of experience in cybersecurity engineering or security architecture
- Expert knowledge of federal security frameworks (NIST 800-53, RMF, FISMA)
- Experience leading security assessments and authorization activities
- Strong understanding of risk management and security controls implementation
- Experience with security compliance in operational environments
- Knowledge of Zero Trust architecture and implementation principles
- Experience assessing security of AI/ML and emerging technologies
- Strong analytical and problem-solving skills
- Excellent documentation and communication abilities

Desired Skills:
- ITIL, PMP, or similar operations/project management certification
- Experience with CISA programs or similar federal cybersecurity operations
- Background in security assessment of malware analysis platforms
- Experience with cloud security assessment and authorization
- Knowledge of critical infrastructure security requirements
- Experience with continuous monitoring and automated compliance tools
- Familiarity with DevSecOps and security automation practices
- Background in penetration testing or vulnerability assessment

Required Education:
BS in Cyber Security, Computer Science, or related degree; Master’s degree preferred, or HS Diploma and 7+ years of directly relevant experience

Desired Certifications:
- DoD 8140 IAT Level III
- CAP, CRISC

Our Company Overview
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.

Benefits
Extremely competitive salary
95% employer paid for employee medical, dental, & vision coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave

ESS-3422
Information Security Manager - III - ISM03