Information Security Engineer
Description For Information Security Engineer
Mach Industries, a defense manufacturing company backed by $85M in funding, is seeking a skilled Information Security Engineer to join their team. The role focuses on protecting the organization's information systems and data, implementing security measures compliant with NIST 800-171 and CMMC frameworks, and managing information security risks.
Key responsibilities include:
- Implementing and maintaining compliance with NIST 800-171 and CMMC frameworks
- Conducting risk assessments and implementing risk mitigation strategies
- Staying current with DoD cybersecurity policies
- Utilizing SIEM, EDR/XDR, and SOAR tools for security monitoring
- Executing scanning, reconnaissance, and penetration testing
- Managing and securing cloud services (AWS, Azure, DISA mil)
- Developing scripts to automate security tasks
- Leading responses to security incidents
- Designing and conducting security training programs
- Maintaining detailed security documentation
The ideal candidate should have:
- Bachelor's degree in Cybersecurity, IT, Computer Science, or related field
- Minimum 5 years of experience in cyber/information security roles
- Hands-on experience with NIST 800-171, CMMC, and RMF
- Proficiency with various security tools and cloud platforms
- Strong analytical skills and attention to detail
This role offers a competitive salary and equity package, along with benefits such as health insurance, retirement plans, and professional development opportunities. Mach Industries is an equal opportunity employer committed to creating a diverse and inclusive workplace.
Join Mach Industries to contribute to national defense and be part of a team developing cutting-edge weapons technology while ensuring the highest levels of information security.
Responsibilities For Information Security Engineer
- Implement and maintain compliance with NIST 800-171 and CMMC frameworks
- Conduct comprehensive risk assessments and implement risk mitigation strategies
- Stay current with DoD cybersecurity policies, including the Risk Management Framework (RMF)
- Utilize SIEM, EDR/XDR, and SOAR tools for security monitoring and enhancement
- Execute scanning, reconnaissance, and penetration testing
- Manage and secure cloud services (AWS, Azure, DISA mil)
- Develop scripts to automate security tasks
- Lead responses to security incidents
- Design and conduct security training and awareness programs
- Maintain detailed documentation of security systems, policies, and procedures
- Conduct analysis of security events and provide insights to stakeholders
Requirements For Information Security Engineer
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
- Minimum of 5 years of experience in cyber/information security roles, with a focus on risk assessment and compliance
- Hands-on experience with NIST 800-171, CMMC, and the Risk Management Framework (RMF)
- Proficiency with SIEM tools, EDR/XDR tools, SOAR tools, and cloud security tools
- Familiarity with IT networking, Windows, and cloud systems
- Proficient in bash, shell, PowerShell, Python, and/or basic scripting on Linux and Windows platforms
- Strong analytical skills, attention to detail, and the ability to manage multiple projects in a fast-paced environment
Benefits For Information Security Engineer
- Health insurance
- Retirement plans
- Professional development opportunities
- Competitive equity grants
