System Engineer- Cyber Security Engineering Focus

Overview

This position plays a hands-on role securing systems that support critical Defense and Intelligence missions. This position is focused on applying risk management frameworks, engineering security controls, and maintaining system authorizations for cloud and on-prem environments. 

You'll work closely with other system engineers, administrators, and program teams to ensure systems are built, assessed, and operated in compliance with DoD and NIST requirements. From managing RMF and ATO packages to driving vulnerability remediation and system hardening, this role is central to maintaining secure, mission-ready systems throughout their lifecycle. 

Esri has a Relocation Assistance Program and can provide support with relocating to the St. Louis, MO area for this position. 

Responsibilities

• Apply RMF processes to support system Assessment & Authorization (A&A), including control selection, implementation, assessment, and continuous monitoring
• Develop, review, and maintain security documentation such as SSPs, POA&Ms, SARs, and ATO artifacts in tools such as XACTA or eMASS
• Conduct vulnerability assessments and compliance scans (such as ACAS) and track remediation of findings and IAVM requirements
• Implement and validate security controls aligned with NIST 800-53, CNSSI 1253, and related DoD guidance
• Support system hardening, patching, and configuration management in compliance with STIGs for Linux, Windows, and network devices
• Monitor systems for security events and supporting incident response and risk mitigation activities
• Assess security impacts of system changes and supporting configuration control boards (CCBs)
• Collaborate with system engineers, administrators, and DevSecOps teams to integrate security throughout the system lifecycle
• Provide cybersecurity risk input to program leadership, Authorizing Officials (AOs), and stakeholders

Requirements

• 8+ years of professional experience in a similar position, supporting similar responsibilities
• Professional experience with RMF, A&A, POA&M, and ATO documentation (XACTA/eMASS)
• Hands-on experience with vulnerability scanning and compliance tracking (ACAS, IAVM)
• Experience securing Linux and Windows systems, STIGs, patching, and system hardening
• Knowledge of NIST 800-series publications and incident response processes
• DoD 8570 IAT Level II or higher certification (such as Security +, CySA +, CISSP)
• Strong analytical, communication, and collaborative skills
• US citizenship with Active or Current (within 2 years of active) Top Secret Security Clearance with SCI eligibility
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology or STEM related field

Recommended Qualifications

• Scripting or development experience (Python, Java, React)
• DevSecOps tools and pipeline experience
• Experience with Linux (Red Hat/CentOS), databases, web apps, or big data platforms
• Familiarity with Agile environments and tools (Jira, Confluence)
• Experience with NIST SP 800-171 and System Security Engineering (SSE)
• Master's degree in Computer Science, Cybersecurity, Information Technology or STEM related field

#LI-SS2

#LI-Onsite