Home › Companies › BD1EA60AEEB10C351C9D11F5ACCAE8B8 › Cybersecurity Engineer (59903)

Cybersecurity Engineer (59903)

BD1EA60AEEB10C351C9D11F5ACCAE8B8 · REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA · Remote · Active · Paycom ATS

Job facts

Field	Value
Company	BD1EA60AEEB10C351C9D11F5ACCAE8B8
Title	Cybersecurity Engineer (59903)
Normalized title	-
Department / team	Professional Services
Location	VA, United States
Work model	Remote / Remote
Employment type	Full Time
Salary	-
Status	active
ATS provider	Paycom ATS
Posted / first seen	2026-03-10 / 2026-05-31
Changed / last seen	2026-05-31 / 2026-06-06

Related slices

Page	What it contains	Open
Company jobs	Active postings from BD1EA60AEEB10C351C9D11F5ACCAE8B8.	Open
Company breakdowns	Role, location, ATS, and work model facets for this company.	Open
ATS provider jobs	Active postings observed through Paycom ATS.	Open
Provider filtered search	The same provider as a filtered job collection.	Open
Department jobs	Active postings in Professional Services.	Open
Work model jobs	Active Remote postings.	Open
Lifecycle events	Open, update, close, and reopen events for this posting.	Open
Original posting	Canonical source or apply URL captured from the ATS.	Open

Linked records

Company	BD1EA60AEEB10C351C9D11F5ACCAE8B8
Source	7262a4a5-72a6-432d-ab32-df72cb1cd3a3
ATS provider	Paycom ATS

Description

Description BMA is seeking a Cybersecurity Engineer to support the DLA Cybersecurity Web/App Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award. Job Summary BMA is seeking a Cybersecurity Engineer (CE) to support our DLA Cybersecurity Web/App Vulnerability Management Support Services contract. The CE provides advanced cybersecurity (CS) engineering support for the Cybersecurity Web/Application Vulnerability Management Branch supporting DLA’s J6 Information Operations (IO) Directorate. The CE supports the assessment, analysis, and remediation of CS vulnerabilities across DLA enterprise IT, Cloud, and Operational Technology (OT) environments. The CE performs CS engineering and vulnerability analysis activities to ensure the confidentiality, integrity, and availability of DLA information systems (IS). The role focuses on evaluating system architectures, identifying security weaknesses, conducting CS assessments, and recommending risk-based mitigation strategies to improve the overall CS posture of DLA systems. The CE supports the evaluation of CS compliance with federal and DoD policies and provides technical expertise in system design, security engineering, vulnerability analysis, and CS architecture reviews. The CE works closely with Program Managers (PMs), Information System Security Managers (ISSMs), system administrators (SA), network engineers (NE), and Authorizing Officials (AOs) to ensure CS controls are properly implemented and maintained throughout the system lifecycle. Key responsibilities include CS engineering and system security design. Provide CS engineering support for the planning, design, development, testing, and integration of DLA information systems. Analyze system architectures and infrastructure to identify CS risks and recommend improvements to system security design. Integrate CS engineering principles into enterprise IT, cloud environments, and OT systems. Support secure system architecture development and CS engineering documentation. Conduct vulnerability assessment and risk analysis. Conduct CS vulnerability assessments across DLA IT, Cloud, and OT environments. Evaluate system configurations and architectures to identify potential vulnerabilities and security weaknesses. Perform risk assessments to determine the likelihood and impact of identified CS threats. Develop mitigation strategies and technical recommendations to reduce system risk and improve CS posture. Provide information assurance engineering support. Perform analysis of existing and emerging information systems to evaluate compliance with DoD and federal CS policies. Conduct CS assessments and security test and evaluation activities to validate compliance with CS standards. Support CS engineering reviews for both classified and unclassified information systems. Provide technical analysis of proposed CS policies and assess their impact on system architectures and security operations. Conduct CS compliance and security control validation. Evaluate compliance of DLA systems with CS policies, standards, and regulatory requirements. Identify areas of non-compliance and recommend remediation actions. Support implementation of security controls aligned with enterprise CS architecture. Assist with development and maintenance of CS standards, guides, and implementation documentation. Provide CS documentation and reporting. Develop CS engineering documentation including risk assessment reports, architecture assessments, and security engineering analyses. Produce implementation documentation and technical reports supporting CS engineering efforts. Document vulnerability findings and recommended mitigation strategies. Provide status updates and technical reports supporting project activities and CS operations. Perform OT security engineering. Evaluate CS risks associated with DLA OT environments including industrial control systems and facility-related control systems. Assess OT system architecture, network configurations, and system interfaces for potential vulnerabilities. Provide CS engineering recommendations for OT system protection and risk mitigation. Clearance Requirement There is a Secret security clearance requirement for this role at time of proposal submission. Required Skills & Certifications DoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAT) Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC / SANS GIAC Security Leadership Certification (GSLC). DoD 8570/8140 Information Assurance System Architecture and Engineering (IASAE) Level III such as the ISC2 Certified Information Systems Security Professional – Information Systems Security Architecture Professional (CISSP-ISSAP). (must obtain IASAE Level III within 6 months of starting the contract). Computing Environment (CE) Certification: one or more of the following Microsoft Certified Solutions Associate (MCSA) or Expert (MCSE), Cisco Certified Network Associate (CCNA), Microsoft Azure Security Technologies, Amazon Certified Security, or other relevant computing environment certification. 10+ years of relevant information technology experience supporting cybersecurity or information assurance programs. 5+ years of Operational Technology (OT) cybersecurity experience. Demonstrated experience performing cybersecurity engineering activities including system security design, vulnerability assessment, and risk analysis. Experience supporting cybersecurity compliance assessments within large enterprise IT environments. Strong analytical and problem-solving skills related to cybersecurity engineering challenges. Experience working with enterprise IT infrastructure, network security, and cloud-based systems. Experience with STIG compliance cycles, vulnerability management, and POA&M governance. Strong technical writing skills producing RMF artifacts, policy/procedure documents, and audit-ready evidence packages. Strong facilitation skills for IPTs/WG sessions and cross-functional coordination. Desired Skills & Certifications TS with SCI eligibility. Experience supporting DoD or DLA program offices. Experience supporting DoD or DLA environments. BS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field. Project Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification. One or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler. Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP). Other Duties Able to travel within a week's notice. This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. Overview BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country. Benefits We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. AAP & EEO Statement Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.

Full job record

Job ID	141eace94a90032feaba0892bb6620d2ba7b279d
Org ID	e8a572cb-75af-4a74-801d-c4b032cd9504
Source ID	7262a4a5-72a6-432d-ab32-df72cb1cd3a3
Board ID	7262a4a5-72a6-432d-ab32-df72cb1cd3a3
Provider	paycom
Provider Job Key	313592
Title	Cybersecurity Engineer (59903)
Normalized Title	—
Status	active
Active	yes
Location Text	REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA
Department	Professional Services
Team	—
Employment Type	full_time
Workplace Type	remote
Remote Policy	remote
Country	United States
Region	VA
City	—
Salary Raw	Description BMA is seeking a Cybersecurity Engineer to support the DLA Cybersecurity Web/App Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award. Job Summary BMA is seeking a Cybersecurity Engineer (CE) to support our DLA Cybersecurity Web/App Vulnerability Management Support Services contract. The CE provides advanced cybersecurity (CS) engineering support for the Cybersecurity Web/Application Vulnerability Management Branch supporting DLA’s J6 Information Operations (IO) Directorate. The CE supports the assessment, analysis, and remediation of CS vulnerabilities across DLA enterprise IT, Cloud, and Operational Technology (OT) environments. The CE performs CS engineering and vulnerability analysis activities to ensure the confidentiality, integrity, and availability of DLA information systems (IS). The role focuses on evaluating system architectures, identifying security weaknesses, conducting CS assessments, and recommending risk-based mitigation strategies to improve the overall CS posture of DLA systems. The CE supports the evaluation of CS compliance with federal and DoD policies and provides technical expertise in system design, security engineering, vulnerability analysis, and CS architecture reviews. The CE works closely with Program Managers (PMs), Information System Security Managers (ISSMs), system administrators (SA), network engineers (NE), and Authorizing Officials (AOs) to ensure CS controls are properly implemented and maintained throughout the system lifecycle. Key responsibilities include CS engineering and system security design. Provide CS engineering support for the planning, design, development, testing, and integration of DLA information systems. Analyze system architectures and infrastructure to identify CS risks and recommend improvements to system security design. Integrate CS engineering principles into enterprise IT, cloud environments, and OT systems. Support secure system architecture development and CS engineering documentation. Conduct vulnerability assessment and risk analysis. Conduct CS vulnerability assessments across DLA IT, Cloud, and OT environments. Evaluate system configurations and architectures to identify potential vulnerabilities and security weaknesses. Perform risk assessments to determine the likelihood and impact of identified CS threats. Develop mitigation strategies and technical recommendations to reduce system risk and improve CS posture. Provide information assurance engineering support. Perform analysis of existing and emerging information systems to evaluate compliance with DoD and federal CS policies. Conduct CS assessments and security test and evaluation activities to validate compliance with CS standards. Support CS engineering reviews for both classified and unclassified information systems. Provide technical analysis of proposed CS policies and assess their impact on system architectures and security operations. Conduct CS compliance and security control validation. Evaluate compliance of DLA systems with CS policies, standards, and regulatory requirements. Identify areas of non-compliance and recommend remediation actions. Support implementation of security controls aligned with enterprise CS architecture. Assist with development and maintenance of CS standards, guides, and implementation documentation. Provide CS documentation and reporting. Develop CS engineering documentation including risk assessment reports, architecture assessments, and security engineering analyses. Produce implementation documentation and technical reports supporting CS engineering efforts. Document vulnerability findings and recommended mitigation strategies. Provide status updates and technical reports supporting project activities and CS operations. Perform OT security engineering. Evaluate CS risks associated with DLA OT environments including industrial control systems and facility-related control systems. Assess OT system architecture, network configurations, and system interfaces for potential vulnerabilities. Provide CS engineering recommendations for OT system protection and risk mitigation. Clearance Requirement There is a Secret security clearance requirement for this role at time of proposal submission. Required Skills & Certifications DoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAT) Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC / SANS GIAC Security Leadership Certification (GSLC). DoD 8570/8140 Information Assurance System Architecture and Engineering (IASAE) Level III such as the ISC2 Certified Information Systems Security Professional – Information Systems Security Architecture Professional (CISSP-ISSAP). (must obtain IASAE Level III within 6 months of starting the contract). Computing Environment (CE) Certification: one or more of the following Microsoft Certified Solutions Associate (MCSA) or Expert (MCSE), Cisco Certified Network Associate (CCNA), Microsoft Azure Security Technologies, Amazon Certified Security, or other relevant computing environment certification. 10+ years of relevant information technology experience supporting cybersecurity or information assurance programs. 5+ years of Operational Technology (OT) cybersecurity experience. Demonstrated experience performing cybersecurity engineering activities including system security design, vulnerability assessment, and risk analysis. Experience supporting cybersecurity compliance assessments within large enterprise IT environments. Strong analytical and problem-solving skills related to cybersecurity engineering challenges. Experience working with enterprise IT infrastructure, network security, and cloud-based systems. Experience with STIG compliance cycles, vulnerability management, and POA&M governance. Strong technical writing skills producing RMF artifacts, policy/procedure documents, and audit-ready evidence packages. Strong facilitation skills for IPTs/WG sessions and cross-functional coordination. Desired Skills & Certifications TS with SCI eligibility. Experience supporting DoD or DLA program offices. Experience supporting DoD or DLA environments. BS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field. Project Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification. One or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler. Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP). Other Duties Able to travel within a week's notice. This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. Overview BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country. Benefits We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. AAP & EEO Statement Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.
Salary Min	—
Salary Max	—
Salary Currency	—
Salary Period	week
Source URL	https://www.paycomonline.net/v4/ats/web.php/jobs/ViewJobDetails?job=313592&clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8
Apply URL	https://www.paycomonline.net/v4/ats/web.php/jobs/ViewJobDetails?job=313592&clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8
First Seen At	2026-05-31 19:06:22Z
Last Seen At	2026-06-06 09:54:32Z
Last Checked At	2026-06-06 09:54:32Z
Last Changed At	2026-05-31 19:06:22Z
Inactive At	—
Source Posted At	2026-03-10 00:00:00Z
Source Updated At	—
Raw Payload Uri	s3://job-postings-prod-raw-590183727216/raw/provider=paycom/board=BD1EA60AEEB10C351C9D11F5ACCAE8B8/date=2026-06-06/2026-06-06T09-54-30-911Z-08cd82c2529cf77aaa55d1a7bc8ead4a537d3a19986febc3cdce99f22689fe7e.json

Event Fields

{
  "content_hash": "5955efac9e89f626ee16ff8f9dd526b607ccca5ddea41e695ffda6cf45c3344b",
  "source_hash": "b3a83dd41926e87ea72102f5479ff2bba14ffa778b82c091b41f4154a8424263",
  "last_changed_at": "2026-05-31T19:06:22.044Z",
  "active_status": "active"
}

Parsed Structured

{
  "language": "en",
  "location": {
    "raw": "REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA",
    "city": null,
    "region": "VA",
    "country": "United States",
    "is_remote": true,
    "confidence": 0.8
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T09:54:32.600Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA",
      "city": null,
      "region": "VA",
      "country": "United States",
      "is_remote": true,
      "confidence": 0.8
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "remote",
  "salary_period": "week",
  "workplace_type": "remote",
  "salary_currency": null
}

Extensions

{}

Native Structured

{
  "detail": {
    "city": "Remote",
    "jobId": 313592,
    "level": "Experienced",
    "endDate": "",
    "legalId": 4330,
    "isHotJob": false,
    "jobShift": "Day",
    "jobTitle": "Cybersecurity Engineer (59903)",
    "location": "REMOTE (United States) - Remote, VA 22211",
    "startDate": "",
    "clientCode": "0QS68",
    "remoteType": "",
    "description": "<p style=\"text-align:center\"><span style=\"display:block; font-size:16px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">BMA is seeking a <strong>Cybersecurity Engineer</strong>&nbsp;to support the&nbsp;<span style=\"color:black\">DLA Cybersecurity Web/App Vulnerability Management Support Services</span> program. This is a fully<strong>&nbsp;remote&nbsp;</strong>position and&nbsp;<strong>contingent</strong>&nbsp;on contract award.</span></span></p>\n\n<p>&nbsp;</p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>Job Summary&nbsp;</strong></span></span></p>\n\n<ul>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">BMA is seeking a Cybersecurity Engineer (CE) to support our DLA Cybersecurity Web/App Vulnerability Management Support Services contract.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">The CE provides advanced cybersecurity (CS) engineering support for the Cybersecurity Web/Application Vulnerability Management Branch supporting DLA&rsquo;s J6 Information Operations (IO) Directorate.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">The CE supports the assessment, analysis, and remediation of CS vulnerabilities across DLA enterprise IT, Cloud, and Operational Technology (OT) environments.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">The CE performs CS engineering and vulnerability analysis activities to ensure the confidentiality, integrity, and availability of DLA information systems (IS).</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">The role focuses on evaluating system architectures, identifying security weaknesses, conducting CS assessments, and recommending risk-based mitigation strategies to improve the overall CS posture of DLA systems.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">The CE supports the evaluation of CS compliance with federal and DoD policies and provides technical expertise in system design, security engineering, vulnerability analysis, and CS architecture reviews.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">The CE works closely with Program Managers (PMs), Information System Security Managers (ISSMs), system administrators (SA), network engineers (NE), and Authorizing Officials (AOs) to ensure CS controls are properly implemented and maintained throughout the system lifecycle.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Key responsibilities include CS engineering and system security design.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Provide CS engineering support for the planning, design, development, testing, and integration of DLA information systems.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Analyze system architectures and infrastructure to identify CS risks and recommend improvements to system security design.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Integrate CS engineering principles into enterprise IT, cloud environments, and OT systems.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Support secure system architecture development and CS engineering documentation.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Conduct vulnerability assessment and risk analysis.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Conduct CS vulnerability assessments across DLA IT, Cloud, and OT environments.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Evaluate system configurations and architectures to identify potential vulnerabilities and security weaknesses.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Perform risk assessments to determine the likelihood and impact of identified CS threats.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Develop mitigation strategies and technical recommendations to reduce system risk and improve CS posture.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Provide information assurance engineering support.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Perform analysis of existing and emerging information systems to evaluate compliance with DoD and federal CS policies.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Conduct CS assessments and security test and evaluation activities to validate compliance with CS standards.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Support CS engineering reviews for both classified and unclassified information systems.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Provide technical analysis of proposed CS policies and assess their impact on system architectures and security operations.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Conduct CS compliance and security control validation.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Evaluate compliance of DLA systems with CS policies, standards, and regulatory requirements.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Identify areas of non-compliance and recommend remediation actions.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Support implementation of security controls aligned with enterprise CS architecture.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Assist with development and maintenance of CS standards, guides, and implementation documentation.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Provide CS documentation and reporting.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Develop CS engineering documentation including risk assessment reports, architecture assessments, and security engineering analyses.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Produce implementation documentation and technical reports supporting CS engineering efforts.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Document vulnerability findings and recommended mitigation strategies.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Provide status updates and technical reports supporting project activities and CS operations.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Perform OT security engineering.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Evaluate CS risks associated with DLA OT environments including industrial control systems and facility-related control systems.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Assess OT system architecture, network configurations, and system interfaces for potential vulnerabilities.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Provide CS engineering recommendations for OT system protection and risk mitigation.</span></span></li>\n</ul>\n\n<p>&nbsp;</p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>Clearance Requirement&nbsp;</strong></span></span></p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">There is a Secret security clearance requirement for this role at time of proposal submission.&nbsp;</span></span></p>\n\n<p>&nbsp;</p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>Required Skills &amp; Certifications&nbsp;</strong></span></span></p>\n\n<ul>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">DoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAT)&nbsp;Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC / SANS GIAC Security Leadership Certification (GSLC).</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">DoD 8570/8140 Information Assurance System Architecture and Engineering (IASAE) Level III such as the ISC2 Certified Information Systems Security Professional &ndash; Information Systems Security Architecture Professional (CISSP-ISSAP). (must obtain IASAE Level III within 6 months of starting the contract).&nbsp;</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Computing Environment (CE) Certification: one or more of the following Microsoft Certified Solutions Associate (MCSA) or Expert (MCSE), Cisco Certified Network Associate (CCNA), Microsoft Azure Security Technologies, Amazon Certified Security, or other relevant computing environment certification.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">10+ years of relevant information technology experience supporting cybersecurity or information assurance programs.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">5+ years of Operational Technology (OT) cybersecurity experience.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Demonstrated experience performing cybersecurity engineering activities including system security design, vulnerability assessment, and risk analysis.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Experience supporting cybersecurity compliance assessments within large enterprise IT environments.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Strong analytical and problem-solving skills related to cybersecurity engineering challenges.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Experience working with enterprise IT infrastructure, network security, and cloud-based systems.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Experience with STIG compliance cycles, vulnerability management, and POA&amp;M governance.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Strong technical writing skills producing RMF artifacts, policy/procedure documents, and audit-ready evidence packages.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Strong facilitation skills for IPTs/WG sessions and cross-functional coordination.</span></span><br />\n\t&nbsp;</li>\n</ul>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>Desired Skills &amp; Certifications&nbsp;</strong></span></span></p>\n\n<ul>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">TS with SCI eligibility.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Experience supporting DoD or DLA program offices.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Experience supporting DoD or DLA environments.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">BS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Project Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">One or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP).</span></span></li>\n</ul>\n\n<p>&nbsp;</p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>Other Duties</strong></span></span></p>\n\n<ul>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Able to travel within a week&#39;s notice.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.</span></span></li>\n\t<li><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">Duties, responsibilities, and activities may change at any time with or without notice.&nbsp;</span></span><br />\n\t&nbsp;</li>\n</ul>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>Overview</strong></span></span></p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.</span></span></p>\n\n<p>&nbsp;</p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>Benefits</strong></span></span></p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\">We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident &amp; illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.&nbsp;</span></span></p>\n\n<p>&nbsp;</p>\n\n<p><span style=\"display:block; font-size:14px\"><span style=\"font-family:Arial,Helvetica,sans-serif\"><strong>AAP &amp; EEO Statement</strong><br />\n&nbsp;Beshenich Muir &amp; Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.&nbsp;</span></span></p>\n",
    "jobCategory": "Professional Services",
    "salaryRange": "",
    "socialMedia": {
      "xLink": null,
      "emailLink": {
        "subject": "Bma%20Technical%20Services%20Inc%20Job%20Opportunity%20Cybersecurity%20Engineer%20%2859903%29",
        "summary": "BMA%20is%20seeking%20a%20Cybersecurity%20Engineer%C2to%20support%20the%C2DLA%20Cybersecurity%20Web%2FApp%20Vulnerability%20Management%20Support%20Services%20program.%20This%20is%20a%20fully%C2remote%C2position%20and%C2contingent%C2on%20contract%20award.%0A%0A%C2%0A%0AJob%20Summary%C2%0A%0A%0A%09BMA%20is%20seeking%20a%20Cybersecurity%20Engineer%20%28CE%29%20to%20support%20our%20DLA%20Cybersecurity%20Web%2FApp%20Vulnerability%20Management%20Support%20Services%20contract.%0A%09The%20CE%20provides%20advanced%20cybersecurity%20%28CS%29%20engineering%20support%20for%20the%20Cybersecurity%20Web%2FApplication%20Vulnerability%20Management%20Branch%20supporting%20DLA%E2%80%99s%20J6%20Information%20Operations%20%28IO%29%20Directorate.%0A%09The%20CE%20supports%20the%20assessment%2C%20analysis%2C%20and%20remediation%20of%20CS%20vulnerabilities%20across%20DLA%20enterprise%20IT%2C%20Cloud%2C%20and%20Operational%20Technology%20%28OT%29%20environments.%0A%09The%20CE%20performs%20CS%20engineering%20and%20vulnerability%20analysis%20activities%20to%20ensure%20the%20confidentiality%2C%20integrity%2C%20and%20availability%20of%20DLA%20information%20systems%20%28IS%29.%0A%09The%20role%20focuses%20on%20evaluating%20system%20architectures%2C%20identifying%20security%20weaknesses%2C%20conducting%20CS%20assessments%2C%20and%20recommending%20risk-based..."
      },
      "facebookLink": {
        "redirectUri": "",
        "facebookAppId": "773759036043100"
      },
      "linkedInLink": {}
    },
    "isQuickApply": false,
    "positionType": "Full Time",
    "countryPaidIn": "",
    "googleJobJson": "{\"@context\":\"https://schema.org/\",\"@type\":\"JobPosting\",\"title\":\"Cybersecurity Engineer (59903)\",\"identifier\":\"J0QS68313592\",\"url\":\"https://www.paycomonline.net/v4/ats/web.php/portal/BD1EA60AEEB10C351C9D11F5ACCAE8B8/jobs/313592\",\"image\":\"https://www.paycomonline.net/v4/ats/web.php/application/style/logo?clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8\",\"datePosted\":\"2026-03-10\",\"description\":\"Job DetailsLevel: ExperiencedJob Location: REMOTE (United States) - Remote, VA 22211Position Type: Full TimeEducation Level: Bachelor's DegreeTravel Percentage: Occasionally Job Shift: DayJob Category: Professional ServicesBMA is seeking a Cybersecurity Engineer&nbsp;to support the&nbsp;DLA Cybersecurity Web/App Vulnerability Management Support Services program. This is a fully&nbsp;remote&nbsp;position and&nbsp;contingent&nbsp;on contract award.\\n\\n&nbsp;\\n\\nJob Summary&nbsp;\\n\\n\\n\\tBMA is seeking a Cybersecurity Engineer (CE) to support our DLA Cybersecurity Web/App Vulnerability Management Support Services contract.\\n\\tThe CE provides advanced cybersecurity (CS) engineering support for the Cybersecurity Web/Application Vulnerability Management Branch supporting DLA&rsquo;s J6 Information Operations (IO) Directorate.\\n\\tThe CE supports the assessment, analysis, and remediation of CS vulnerabilities across DLA enterprise IT, Cloud, and Operational Technology (OT) environments.\\n\\tThe CE performs CS engineering and vulnerability analysis activities to ensure the confidentiality, integrity, and availability of DLA information systems (IS).\\n\\tThe role focuses on evaluating system architectures, identifying security weaknesses, conducting CS assessments, and recommending risk-based mitigation strategies to improve the overall CS posture of DLA systems.\\n\\tThe CE supports the evaluation of CS compliance with federal and DoD policies and provides technical expertise in system design, security engineering, vulnerability analysis, and CS architecture reviews.\\n\\tThe CE works closely with Program Managers (PMs), Information System Security Managers (ISSMs), system administrators (SA), network engineers (NE), and Authorizing Officials (AOs) to ensure CS controls are properly implemented and maintained throughout the system lifecycle.\\n\\tKey responsibilities include CS engineering and system security design.\\n\\tProvide CS engineering support for the planning, design, development, testing, and integration of DLA information systems.\\n\\tAnalyze system architectures and infrastructure to identify CS risks and recommend improvements to system security design.\\n\\tIntegrate CS engineering principles into enterprise IT, cloud environments, and OT systems.\\n\\tSupport secure system architecture development and CS engineering documentation.\\n\\tConduct vulnerability assessment and risk analysis.\\n\\tConduct CS vulnerability assessments across DLA IT, Cloud, and OT environments.\\n\\tEvaluate system configurations and architectures to identify potential vulnerabilities and security weaknesses.\\n\\tPerform risk assessments to determine the likelihood and impact of identified CS threats.\\n\\tDevelop mitigation strategies and technical recommendations to reduce system risk and improve CS posture.\\n\\tProvide information assurance engineering support.\\n\\tPerform analysis of existing and emerging information systems to evaluate compliance with DoD and federal CS policies.\\n\\tConduct CS assessments and security test and evaluation activities to validate compliance with CS standards.\\n\\tSupport CS engineering reviews for both classified and unclassified information systems.\\n\\tProvide technical analysis of proposed CS policies and assess their impact on system architectures and security operations.\\n\\tConduct CS compliance and security control validation.\\n\\tEvaluate compliance of DLA systems with CS policies, standards, and regulatory requirements.\\n\\tIdentify areas of non-compliance and recommend remediation actions.\\n\\tSupport implementation of security controls aligned with enterprise CS architecture.\\n\\tAssist with development and maintenance of CS standards, guides, and implementation documentation.\\n\\tProvide CS documentation and reporting.\\n\\tDevelop CS engineering documentation including risk assessment reports, architecture assessments, and security engineering analyses.\\n\\tProduce implementation documentation and technical reports supporting CS engineering efforts.\\n\\tDocument vulnerability findings and recommended mitigation strategies.\\n\\tProvide status updates and technical reports supporting project activities and CS operations.\\n\\tPerform OT security engineering.\\n\\tEvaluate CS risks associated with DLA OT environments including industrial control systems and facility-related control systems.\\n\\tAssess OT system architecture, network configurations, and system interfaces for potential vulnerabilities.\\n\\tProvide CS engineering recommendations for OT system protection and risk mitigation.\\n\\n\\n&nbsp;\\n\\nClearance Requirement&nbsp;\\n\\nThere is a Secret security clearance requirement for this role at time of proposal submission.&nbsp;\\n\\n&nbsp;\\n\\nRequired Skills &amp; Certifications&nbsp;\\n\\n\\n\\tDoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAT)&nbsp;Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC / SANS GIAC Security Leadership Certification (GSLC).\\n\\tDoD 8570/8140 Information Assurance System Architecture and Engineering (IASAE) Level III such as the ISC2 Certified Information Systems Security Professional &ndash; Information Systems Security Architecture Professional (CISSP-ISSAP). (must obtain IASAE Level III within 6 months of starting the contract).&nbsp;\\n\\tComputing Environment (CE) Certification: one or more of the following Microsoft Certified Solutions Associate (MCSA) or Expert (MCSE), Cisco Certified Network Associate (CCNA), Microsoft Azure Security Technologies, Amazon Certified Security, or other relevant computing environment certification.\\n\\t10+ years of relevant information technology experience supporting cybersecurity or information assurance programs.\\n\\t5+ years of Operational Technology (OT) cybersecurity experience.\\n\\tDemonstrated experience performing cybersecurity engineering activities including system security design, vulnerability assessment, and risk analysis.\\n\\tExperience supporting cybersecurity compliance assessments within large enterprise IT environments.\\n\\tStrong analytical and problem-solving skills related to cybersecurity engineering challenges.\\n\\tExperience working with enterprise IT infrastructure, network security, and cloud-based systems.\\n\\tExperience with STIG compliance cycles, vulnerability management, and POA&amp;M governance.\\n\\tStrong technical writing skills producing RMF artifacts, policy/procedure documents, and audit-ready evidence packages.\\n\\tStrong facilitation skills for IPTs/WG sessions and cross-functional coordination.\\n\\t&nbsp;\\n\\n\\nDesired Skills &amp; Certifications&nbsp;\\n\\n\\n\\tTS with SCI eligibility.\\n\\tExperience supporting DoD or DLA program offices.\\n\\tExperience supporting DoD or DLA environments.\\n\\tBS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field.\\n\\tProject Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification.\\n\\tOne or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler.\\n\\tCurrent Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP).\\n\\n\\n&nbsp;\\n\\nOther Duties\\n\\n\\n\\tAble to travel within a week&#39;s notice.\\n\\tThis job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.\\n\\tDuties, responsibilities, and activities may change at any time with or without notice.&nbsp;\\n\\t&nbsp;\\n\\n\\nOverview\\n\\nBMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.\\n\\n&nbsp;\\n\\nBenefits\\n\\nWe believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident &amp; illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.&nbsp;\\n\\n&nbsp;\\n\\nAAP &amp; EEO Statement\\n&nbsp;Beshenich Muir &amp; Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.&nbsp;\\nQualifications\",\"responsibilities\":\"BMA is seeking a Cybersecurity Engineer&nbsp;to support the&nbsp;DLA Cybersecurity Web/App Vulnerability Management Support Services program. This is a fully&nbsp;remote&nbsp;position and&nbsp;contingent&nbsp;on contract award.\\n\\n&nbsp;\\n\\nJob Summary&nbsp;\\n\\n\\n\\tBMA is seeking a Cybersecurity Engineer (CE) to support our DLA Cybersecurity Web/App Vulnerability Management Support Services contract.\\n\\tThe CE provides advanced cybersecurity (CS) engineering support for the Cybersecurity Web/Application Vulnerability Management Branch supporting DLA&rsquo;s J6 Information Operations (IO) Directorate.\\n\\tThe CE supports the assessment, analysis, and remediation of CS vulnerabilities across DLA enterprise IT, Cloud, and Operational Technology (OT) environments.\\n\\tThe CE performs CS engineering and vulnerability analysis activities to ensure the confidentiality, integrity, and availability of DLA information systems (IS).\\n\\tThe role focuses on evaluating system architectures, identifying security weaknesses, conducting CS assessments, and recommending risk-based mitigation strategies to improve the overall CS posture of DLA systems.\\n\\tThe CE supports the evaluation of CS compliance with federal and DoD policies and provides technical expertise in system design, security engineering, vulnerability analysis, and CS architecture reviews.\\n\\tThe CE works closely with Program Managers (PMs), Information System Security Managers (ISSMs), system administrators (SA), network engineers (NE), and Authorizing Officials (AOs) to ensure CS controls are properly implemented and maintained throughout the system lifecycle.\\n\\tKey responsibilities include CS engineering and system security design.\\n\\tProvide CS engineering support for the planning, design, development, testing, and integration of DLA information systems.\\n\\tAnalyze system architectures and infrastructure to identify CS risks and recommend improvements to system security design.\\n\\tIntegrate CS engineering principles into enterprise IT, cloud environments, and OT systems.\\n\\tSupport secure system architecture development and CS engineering documentation.\\n\\tConduct vulnerability assessment and risk analysis.\\n\\tConduct CS vulnerability assessments across DLA IT, Cloud, and OT environments.\\n\\tEvaluate system configurations and architectures to identify potential vulnerabilities and security weaknesses.\\n\\tPerform risk assessments to determine the likelihood and impact of identified CS threats.\\n\\tDevelop mitigation strategies and technical recommendations to reduce system risk and improve CS posture.\\n\\tProvide information assurance engineering support.\\n\\tPerform analysis of existing and emerging information systems to evaluate compliance with DoD and federal CS policies.\\n\\tConduct CS assessments and security test and evaluation activities to validate compliance with CS standards.\\n\\tSupport CS engineering reviews for both classified and unclassified information systems.\\n\\tProvide technical analysis of proposed CS policies and assess their impact on system architectures and security operations.\\n\\tConduct CS compliance and security control validation.\\n\\tEvaluate compliance of DLA systems with CS policies, standards, and regulatory requirements.\\n\\tIdentify areas of non-compliance and recommend remediation actions.\\n\\tSupport implementation of security controls aligned with enterprise CS architecture.\\n\\tAssist with development and maintenance of CS standards, guides, and implementation documentation.\\n\\tProvide CS documentation and reporting.\\n\\tDevelop CS engineering documentation including risk assessment reports, architecture assessments, and security engineering analyses.\\n\\tProduce implementation documentation and technical reports supporting CS engineering efforts.\\n\\tDocument vulnerability findings and recommended mitigation strategies.\\n\\tProvide status updates and technical reports supporting project activities and CS operations.\\n\\tPerform OT security engineering.\\n\\tEvaluate CS risks associated with DLA OT environments including industrial control systems and facility-related control systems.\\n\\tAssess OT system architecture, network configurations, and system interfaces for potential vulnerabilities.\\n\\tProvide CS engineering recommendations for OT system protection and risk mitigation.\\n\\n\\n&nbsp;\\n\\nClearance Requirement&nbsp;\\n\\nThere is a Secret security clearance requirement for this role at time of proposal submission.&nbsp;\\n\\n&nbsp;\\n\\nRequired Skills &amp; Certifications&nbsp;\\n\\n\\n\\tDoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAT)&nbsp;Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC / SANS GIAC Security Leadership Certification (GSLC).\\n\\tDoD 8570/8140 Information Assurance System Architecture and Engineering (IASAE) Level III such as the ISC2 Certified Information Systems Security Professional &ndash; Information Systems Security Architecture Professional (CISSP-ISSAP). (must obtain IASAE Level III within 6 months of starting the contract).&nbsp;\\n\\tComputing Environment (CE) Certification: one or more of the following Microsoft Certified Solutions Associate (MCSA) or Expert (MCSE), Cisco Certified Network Associate (CCNA), Microsoft Azure Security Technologies, Amazon Certified Security, or other relevant computing environment certification.\\n\\t10+ years of relevant information technology experience supporting cybersecurity or information assurance programs.\\n\\t5+ years of Operational Technology (OT) cybersecurity experience.\\n\\tDemonstrated experience performing cybersecurity engineering activities including system security design, vulnerability assessment, and risk analysis.\\n\\tExperience supporting cybersecurity compliance assessments within large enterprise IT environments.\\n\\tStrong analytical and problem-solving skills related to cybersecurity engineering challenges.\\n\\tExperience working with enterprise IT infrastructure, network security, and cloud-based systems.\\n\\tExperience with STIG compliance cycles, vulnerability management, and POA&amp;M governance.\\n\\tStrong technical writing skills producing RMF artifacts, policy/procedure documents, and audit-ready evidence packages.\\n\\tStrong facilitation skills for IPTs/WG sessions and cross-functional coordination.\\n\\t&nbsp;\\n\\n\\nDesired Skills &amp; Certifications&nbsp;\\n\\n\\n\\tTS with SCI eligibility.\\n\\tExperience supporting DoD or DLA program offices.\\n\\tExperience supporting DoD or DLA environments.\\n\\tBS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field.\\n\\tProject Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification.\\n\\tOne or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler.\\n\\tCurrent Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP).\\n\\n\\n&nbsp;\\n\\nOther Duties\\n\\n\\n\\tAble to travel within a week&#39;s notice.\\n\\tThis job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.\\n\\tDuties, responsibilities, and activities may change at any time with or without notice.&nbsp;\\n\\t&nbsp;\\n\\n\\nOverview\\n\\nBMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.\\n\\n&nbsp;\\n\\nBenefits\\n\\nWe believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident &amp; illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.&nbsp;\\n\\n&nbsp;\\n\\nAAP &amp; EEO Statement\\n&nbsp;Beshenich Muir &amp; Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.&nbsp;\\n\",\"employmentType\":\"FULL_TIME\",\"hiringOrganization\":{\"@type\":\"Organization\",\"name\":\"BMA TECHNICAL SERVICES INC\",\"logo\":\"https://www.paycomonline.net/v4/ats/web.php/application/style/logo?clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8\"},\"jobLocation\":{\"@type\":\"Place\",\"address\":{\"streetAddress\":\"No Address \",\"addressLocality\":\"Remote\",\"addressRegion\":\"VA\",\"postalCode\":22211,\"addressCountry\":\"USA\"}},\"industry\":\"Professional Services\",\"validThrough\":\"-0001-11-30\",\"workHours\":\"Day\",\"educationRequirements\":\"Bachelor's Degree\"}",
    "applyAvailable": true,
    "educationLevel": "Bachelor's Degree",
    "qualifications": "",
    "descriptionTitle": "Description",
    "travelPercentage": "Occasionally ",
    "jobYoutubeVideoId": "",
    "legalRevisionDate": {
      "date": "2025-05-05T14:10:08.000Z",
      "timezone": "America/Chicago",
      "timezone_type": 3
    },
    "secondaryLocations": [],
    "primaryPhoneCountry": "US",
    "primaryPhoneEnabled": true,
    "qualificationsTitle": "Qualifications",
    "primaryPhoneRequired": true,
    "primaryPhoneNumberDoesNotExist": false
  },
  "preview": {
    "jobId": 313592,
    "isHotJob": false,
    "jobTitle": "Cybersecurity Engineer (59903)",
    "postedOn": "",
    "locations": "REMOTE (United States) - Remote, VA 22211",
    "remoteType": "",
    "description": "BMA is seeking a Cybersecurity Engineer to support the DLA Cybersecurity Web/App Vulnerability Management Support Services program. This is a fully re...",
    "positionType": "Full Time"
  },
  "detail_meta": {
    "url": "https://portal-applicant-tracking.us-cent.paycomonline.net/api/ats/job-postings/313592",
    "http_status": 200,
    "content_type": "application/json",
    "response_bytes": 49088
  },
  "detail_errors": []
}

Get this page with API

Rendered from the bluedoor Job Postings API. Reproduce it:

GET https://api.bluedoor.sh/job-postings/v1/jobs/141eace94a90032feaba0892bb6620d2ba7b279d?include=descriptionJSON

GET https://api.bluedoor.sh/job-postings/v1/orgs/e8a572cb-75af-4a74-801d-c4b032cd9504JSON

GET https://api.bluedoor.sh/job-postings/v1/sources/7262a4a5-72a6-432d-ab32-df72cb1cd3a3JSON

GET https://api.bluedoor.sh/job-postings/v1/jobs/141eace94a90032feaba0892bb6620d2ba7b279d/eventsJSON

Docs · Get an API key