Cybersecurity Engineer - DevOps

Sphera is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability. Our mission is to create a safer, more sustainable and productive world.

Sphera is a portfolio company of Blackstone, a U.S.-based alternative asset investment company that focuses on private equity, technology and innovation, and more. Blackstone businesses succeed through strong partnerships, a personalized approach and a commitment to exceptional performance with uncompromising integrity. Sphera and Blackstone are leaders in the Environmental, Social and Governance (ESG) space.

We are guided by our core values of Customer Centricity, Accountability, Bias to Action, Innovation, and Collaboration. These values help us recruit the right talent to join our rapidly expanding team around the globe. It is important to us that each and every Spherion is not only eager to challenge themselves and knows how to get work done but is an awesome addition to our company culture.

We are seeking a dynamic and experienced Cybersecurity Engineer to work alongside a high-performing team of technology professionals within the federal government sector. This position plays a critical role in protecting the organization's web applications by designing, implementing, and maintaining robust security controls. This is essential in maintaining quality cyber posture scoring and contributes to building secure solutions.

Key Requirements:

• U.S. Citizen
• Ability to verify U.S. employment eligibility using Form I-9
• Ability to obtain a U.S. Government security clearance and Common Access Card
• Bachelor’s degree in computer science, Cybersecurity, IT, or related field.
• Minimum 3-5 years of professional experience in Application Security with a strong understanding of systems security principles.
• Ability to pass a drug test
• A six-month trial/probationary period may be required.

Qualifications

• Knowledge of cybersecurity frameworks and standards such as NIST, ISO 27001
• Familiarity with Security Technical Implementation Guides (STIGs) and Security Requirements Guides for the Department of Defense (DOD) information technology systems.
• Knowledge of Public Key Infrastructure (PKI).
• Ability to obtain a Secret clearance.
• Familiarity with DOD/DISA STIG Viewer tool.
• Strong analytical and problem-solving skills.
• Experience in Application programming and Application Security.
• Knowledge of DAST and SAST tools.
• Strong programming and scripting skills.
• Security+ Certification.

Preferred Qualifications

• Experience working on US DoD programs.
• Secret clearance.
• It is generally desirable for a person in this position to have a cybersecurity certification, such as SSCP, CISSP, GSEC, GISP, or other cybersecurity or IT certification.

Key Responsibilities

• Implement and maintain DISA STIGs for application and web servers.
• Mitigate OWASP Top 10 vulnerabilities and other web application security risks.
• Conduct threat modeling exercises to identify and mitigate potential security risks.
• Ensure compliance with DoD security and IA requirements by implementing controls aligned with the NIST RMF.
• Investigate and respond to security incidents related to web applications.
• Monitor SIEM alerts, analyze security logs, and investigate security incidents.
• Collaborate with development teams to integrate security into the SDLC.
• Work with DevOps to automate security testing and deployment processes.
• Prepare and maintain security compliance documentation.
• Stay updated on emerging threats, vulnerabilities, and industry best practices.
• Work effectively independently and in a dynamic team environment.
• Proven time management, organizational and follow-up skills to meet deadlines.
• Excellent interpersonal skills.
• Must be willing to learn new technologies and processes as needed.

Pay:

$116,000.00 - $174,000.00 + Eligible for Variable Compensation Plan

Commensurate with relevant qualifications and experience

Benefits:

• Medical, Dental, and Vision Insurance

• Health Savings Account

• Flexible Spending Account

• 401(k) Retirement Plan with Company Match

• Life and Disability Insurance

• Critical Illness Insurance

• Accident Insurance

• Hospital Indemnity Insurance

• Paid Time Off and Holidays

• Flexible Working Schedule

Sphera is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. This job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position.