General Dynamics is a leading company that engineers a diverse portfolio of high technology solutions for defense and scientific arenas. They are seeking an Entry Level Cybersecurity Systems Engineer to support Navy information systems through the entire authorization process while ensuring compliance with security standards and practices.
Shepherd multiple Navy information systems through the full ATO lifecycle (Categorize, Select, Implement, Assess, Authorize, Monitor)
Build and maintain authorization package artifacts: SSPs, SAPs, SARs, RARs, POA&Ms, architectural diagrams, HW/SW inventories, and continuous monitoring strategies
Develop, review, and maintain authorization boundary diagrams that clearly delineate system scope, data flows, interconnections, and external interfaces
Assess and validate NIST SP 800-53 security controls; write control satisfaction narratives with rigor to withstand SCA/AO scrutiny
Implement and validate STIGs across diverse system components; track findings through resolution or risk acceptance
Conduct vulnerability scans (ACAS/Nessus, SCAP), interpret results, and translate findings into remediation plans and residual risk determinations
Manage POA&M items - creation, milestone tracking, risk characterization, and closure with evidence
Support continuous monitoring including periodic control assessments, ongoing authorization evidence collection, and change-impact analysis
Integrate security assessment activities into DevSecOps CI/CD pipelines where applicable
Qualification
Required
Bachelor's degree in Engineering, or a related Science or Mathematics field, plus 1 year relevant experience; or Master's degree
Department of Defense Secret Security clearance is required within a reasonable period of time
U.S. citizenship is required
Experience executing the RMF lifecycle (NIST SP 800-37) from categorization (FIPS 199/CNSSI 1253) through ATO and continuous monitoring
Knowledge of NIST SP 800-53; ability to assess implementations, write defensible narratives, and identify gaps
Experience applying and verifying STIGs across OSes, network devices, databases, and applications using STIG Viewer and SCAP tools
Experience with ACAS/Nessus; ability to interpret results and drive remediation
Ability to produce and maintain RMF artifacts (SSPs, SARs, SAPs, RARs, POA&Ms) that satisfy RMF requirements
Can translate technical findings into risk-informed language for system owners and PMs
Understanding of system architectures, data flows, boundaries, and how security requirements map to implementations
Preferred
Experience with Navy RMF implementation, including Navy-specific overlays, NAVSEA processes, and authorization workflows
Experience with eMASS and VRAM
Experience with DoD cloud authorization (IL4–IL6), FedRAMP reciprocity, or container security (Kubernetes/OpenShift)
Experience with DevSecOps toolchains and security gates in CI/CD pipelines
Experience supporting SCA evaluations or serving as an ISSE
Works independently under limited direction across concurrent efforts
Identifies opportunities to apply AI for continuous improvement and innovation
Active Secret clearance (or ability to get one within a reasonable amount of time)
Benefits
Flexible schedules with every other Friday off work, if desired (9/80 schedule)
Competitive benefits, including 401k matching, flex time off, paid parental leave, healthcare benefits, health & wellness programs, employee resource and social groups, and more
General Dynamics is a defense industry contractor for shipbuilding, marine, combat and defense systems and, munitions.
Glassdoor
3.4
Founded in 1899
Falls Church, Virginia, USA
10001+ employees
https://www.gd.com
General Dynamics is a defense industry contractor for shipbuilding, marine, combat and defense systems and, munitions.