Cybersecurity Engineer

As a Cybersecurity Engineer at Apogee, you'll play a pivotal role in providing expert guidance on weapons system cybersecurity. Responsibilities include executing the Risk Management Framework (RMF), developing secure systems, analyzing threat data, and creating comprehensive cybersecurity processes. Essentially, you'll be the go-to expert for protecting our systems and ensuring they meet rigorous standards.

To qualify for the Cybersecurity Engineer role at Apogee, candidates must be U.S. citizens with an active Top Secret clearance. A high school diploma is necessary, along with at least 20 years of relevant experience, including 8 years within the DoD. Additionally, certifications such as IAT Level II (Security+ CE) are required, with IAT Level III (CISSP or equivalent) being preferred.

Apogee is dedicated to the professional growth of its Cybersecurity Engineers. Opportunities for additional training, certifications, and participation in advanced projects are encouraged. The collaborative environment allows team members to learn from each other and stay updated on the latest cybersecurity trends and practices.

At Apogee, Cybersecurity Engineers work in a supportive and innovative atmosphere at Wright Patterson AFB. The on-site role fosters collaboration among tech experts, providing an engaging space where ideas flourish and cutting-edge cybersecurity strategies take shape. Expect a dynamic work culture focused on achieving mission goals.

As a Cybersecurity Engineer at Apogee, you'll work on a range of projects that include developing secure systems for ISR and SOF. This involves assessing weapons vulnerabilities, conducting cyber impact assessments, and integrating security protocols based on NIST guidelines, ensuring our systems remain robust against threats.

When answering this question, provide specific examples of your involvement in executing RMF processes. Discuss how you have generated required artifacts and the impact of your contributions on system security.

Your response should reflect a solid understanding of NIST 800-53. Describe the key controls, their importance in cybersecurity, and how you have applied them in previous projects to secure systems effectively.

Talk about your methodology for assessing threats. Highlight the tools you use, the criteria for evaluating vulnerabilities, and any instances where your insights led to improved security measures or risk mitigations.

Explain what a Program Protection Plan (PPP) is and its significance in project security. Discuss your experience in developing PPPs and how they help in safeguarding critical technologies from cyber threats.

Share your strategy for aligning cybersecurity obligations within contracts. This might include collaboration with stakeholders, reviewing contract deliverable lists, and conducting technical evaluations to ensure all cybersecurity needs are met.

Illustrate your ability to simplify complex ideas. Provide an example where you successfully conveyed technical information to non-technical audiences, focusing on how you tailored your message for clarity and understanding.

Mention specific tools you've used for continuous monitoring, emphasizing their features and how they enhance security. Discuss any experiences you've had in implementing these tools and their impact on system defenses.

Share your methods for continuous learning, such as attending training sessions, webinars, and reading industry publications. Highlight any recent certifications or courses that have enhanced your expertise.

Discuss specific vulnerabilities you have identified in past roles, how you detected them, and the strategies you implemented to mitigate these vulnerabilities within the systems.

Explain your risk assessment process. Discuss how you evaluate potential threats and prioritize them based on their impact, likelihood, and resources available to mitigate the risks effectively.