Lead a Team of Cybersecurity focused individuals. Support programs through the Risk Management Framework (RMF) process per DoDI 8510.01 Apply cybersecurity risk management framework principles to the development and assessment of systems Conduct assessment and authorization activities to support recommendations to the services / customer authorizing official (AO) based on requirements, security impact levels and projected operational environment Select and tailor controls from the NIST SP 800-53... more details
Lead a Team of Cybersecurity focused individuals.
Support programs through the Risk Management Framework (RMF) process per DoDI 8510.01
Apply cybersecurity risk management framework principles to the development and assessment of systems
Conduct assessment and authorization activities to support recommendations to the services / customer authorizing official (AO) based on requirements, security impact levels and projected operational environment
Select and tailor controls from the NIST SP 800-53 control catalog in view of system needs and constraints
Participate in customer cybersecurity discussions and technical interchange meetings
Perform duties of a security control accessor (SCA) to determine and analyze applicable program cybersecurity controls per NIST SP 800-53
Conduct Security Technical Implementation Guide (STIG) analysis for programs
Assess proposed changes to customer information systems, their operation environment, and mission needs for impacts to cybersecurity architectures and continued compliance with cybersecurity requirements
Evaluate the threats and vulnerabilities to information systems to ensure security controls effectively mitigate the risk of exploits and verify security controls are correctly applied to the program requirements/design
Contribute to cybersecurity requirement analysis and design implementation
Author cybersecurity documentation to include Cybersecurity Implementation Plan and Program Protect Implementation Plans
Provide inputs to development teams responsible for designing and developing organizational information systems
Employ best practices when implementing security requirements for information systems including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
Support interfacing with program managers to explain security requirements, risks and mitigations relative to their priorities of cost and schedule to ensure an acceptable risk tolerance
Participate in system vulnerability identification and subsequent patching activities
Conduct cybersecurity tests and author cybersecurity test reports
Stay in-tune with current and new security technologies and threats to better support the customer in maintaining cybersecurity resilience
You are a part of highly skilled, multi-disciplinary team working to provide secure avionics equipment directly to customers. You will be the cybersecurity engineer, supporting the cybersecurity engineering lead in helping to determine the necessary security measures, interacts with the customer cybersecurity experts, and oversees the security testing of our products.
To succeed in this role, you should have the following skills and experience:
Experience with the Risk Management Framework (RMF) process per DODI 8510.01
Experience with determining RMF threat levels and selecting the appropriate security controls per CNSSI 1253
Experience with applying NIST SP800-53 controls to the systems requirements/design
Experience with Security Technical Implementation Guide (STIG) analysis
Experience with Critical Program Information (CPI) analysis per DoDI 5200.39
Experience with code analysis to include static and dynamic code analysis
Familiarity with FIPS 140 levels and security requirements
Familiarity with cryptographic algorithms and their usage
Familiarity with Common Weakness Enumeration (CWE) for software or secure software practices
Familiarity with National Institute of Standards and Technology (NIST) Special Publications (SP)
Familiarity with National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and its applicability to system vulnerabilities
Familiarity with Letter of Volatility creation/review
"This position requires you to access information that is subject to U.S. export regulations. You may only access such information if you are a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. government."
Lead a Team of Cybersecurity focused individuals.
Support programs through the Risk Management Framework (RMF) process per DoDI 8510.01
Apply cybersecurity risk management framework principles to the development and assessment of systems
Conduct assessment and authorization activities to support recommendations to the services / customer authorizing official (AO) based on requirements, security impact levels and projected operational environment
Select and tailor controls from the NIST SP 800-53 control catalog in view of system needs and constraints
Participate in customer cybersecurity discussions and technical interchange meetings
Perform duties of a security control accessor (SCA) to determine and analyze applicable program cybersecurity controls per NIST SP 800-53
Conduct Security Technical Implementation Guide (STIG) analysis for programs
Assess proposed changes to customer information systems, their operation environment, and mission needs for impacts to cybersecurity architectures and continued compliance with cybersecurity requirements
Evaluate the threats and vulnerabilities to information systems to ensure security controls effectively mitigate the risk of exploits and verify security controls are correctly applied to the program requirements/design
Contribute to cybersecurity requirement analysis and design implementation
Author cybersecurity documentation to include Cybersecurity Implementation Plan and Program Protect Implementation Plans
Provide inputs to development teams responsible for designing and developing organizational information systems
Employ best practices when implementing security requirements for information systems including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
Support interfacing with program managers to explain security requirements, risks and mitigations relative to their priorities of cost and schedule to ensure an acceptable risk tolerance
Participate in system vulnerability identification and subsequent patching activities
Conduct cybersecurity tests and author cybersecurity test reports
Stay in-tune with current and new security technologies and threats to better support the customer in maintaining cybersecurity resilience
You are a part of highly skilled, multi-disciplinary team working to provide secure avionics equipment directly to customers. You will be the cybersecurity engineer, supporting the cybersecurity engineering lead in helping to determine the necessary security measures, interacts with the customer cybersecurity experts, and oversees the security testing of our products.
To succeed in this role, you should have the following skills and experience:
Experience with the Risk Management Framework (RMF) process per DODI 8510.01
Experience with determining RMF threat levels and selecting the appropriate security controls per CNSSI 1253
Experience with applying NIST SP800-53 controls to the systems requirements/design
Experience with Security Technical Implementation Guide (STIG) analysis
Experience with Critical Program Information (CPI) analysis per DoDI 5200.39
Experience with code analysis to include static and dynamic code analysis
Familiarity with FIPS 140 levels and security requirements
Familiarity with cryptographic algorithms and their usage
Familiarity with Common Weakness Enumeration (CWE) for software or secure software practices
Familiarity with National Institute of Standards and Technology (NIST) Special Publications (SP)
Familiarity with National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and its applicability to system vulnerabilities
Familiarity with Letter of Volatility creation/review
"This position requires you to access information that is subject to U.S. export regulations. You may only access such information if you are a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. government."
Mercury considers a variety of factors to determine individual base salary offers to candidates, including:
* the role and related responsibilities;
* prior work experience;
* education, training, skills and certifications;
* internal equity with others employed by Mercury in similar roles;
* geographic location; and
* alignment with market data.
In addition to base salary, Mercury provides a variety of benefits for team members including:
* bonus opportunities (or special incentives for sales positions);
* health, life and disability insurance;
* company-paid holidays and time off;
* 401(k) retirement plan;
* discounted employee stock purchase plan;
* tuition reimbursement; and
* access to professional development and personal wellness platforms including LinkedIn Learning, Headspace, Aaptiv and Virgin Pulse.
Team members at the Director or Vice President level are also eligible to receive annual stock-based awards.
Mercury offers a 9/80 alternative work schedule that provides employees more opportunity for work/ life balance (available based off location)
None
This position may require you to access information that is subject to U.S. export regulations. You may only access such information if you are a U.S. citizen, lawful permanent resident of the U.S., protected individual.
Why should you join Mercury Systems?
Mercury Systems is a technology company that makes the world a safer, more secure place. We push processing power to the tactical edge, making the latest commercial technologies profoundly more accessible for today's most challenging aerospace and defense missions. From silicon to system scale, Mercury enables customers to accelerate innovation and turn data into decision superiority. Headquartered in Andover, Massachusetts, Mercury employs more than 2,300 people in 24 locations worldwide. To learn more, visit mrcy.com
Our Culture
We are committed to making Mercury a great place to work, no matter where our employees are located. We offer a casual and enjoyable atmosphere that allows employees to learn and grow. We help and care for one another and work as one to achieve results for us and for our customers. We value communication and transparency, and strive to foster two-way dialogue at all levels of the organization. We are committed to lifelong learning, offering comprehensive skills training and tuition reimbursement. Whether you're just starting out on your career journey or you are an experienced professional, it's important to us that you feel recognized and rewarded for your contributions.
To find out more about Why Mercury?, or visit the Mercury Community or find answers to general questions at Mercury FAQs
Mercury Systems is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex (including pregnancy), sexual orientation, gender identity, national origin, genetic information, creed, citizenship, disability, protected veteran or marital status.
As an equal opportunity employer, Mercury Systems is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the number below.
(978) 256-1300
Click here read about our recent press release.
Click Here to learn about OFCCP
