About the Role
Second Front Systems (2F) is looking for a battle-tested, high-agency Cybersecurity Assessment Engineer to support our team. We sit at the high-stakes intersection of defense tech and national security, and this role is about building a modern, resilient operations function from the ground up. You’ll be protecting the infrastructure and platforms that power mission-critical software for the free world—ensuring our nation’s defenders have the secure environment they need to move fast.
As a Cybersecurity Assessment Engineer at Second Front Systems, you will help ensure that Game Warden maintains a strong security posture. You will work hand-in-hand with the DevOps Engineering and Mission Success teams to oversee the software vulnerability scanning process, review vulnerability scan results, assist the customers in understanding those results, and make approval recommendations for vulnerabilities that can't be immediately resolved.
What You'll Do
- Review web application artifacts of customer developed applications and provide customer feedback.
- Act as the primary face of the cybersecurity team to software development and mission success teams.
- Assist with incident response plans to respond to application outages or downtime.
- Conduct comprehensive assessments of cloud infrastructure, applications, and containerized environments to verify compliance with DISA STIGs, SRGs, and CIS Benchmarks.
- Author, review, and maintain high-quality security artifacts, including System Security Plans (SSP), Security Assessment Plans (SAP), and Security Assessment Reports (SAR).
- Monitor and report on the ongoing effectiveness of security controls to ensure a robust security posture.
- Utilize automated scanning suites (e.g., Anchore, Trivy, Tenable) to identify vulnerabilities, distinguish true positives, and provide actionable remediation guidance.
- Implement and manage technical workflows for SBOMs (Software Bill of Materials) to support modern, continuous authorization standards.
- Partner with DevOps and Software Engineering teams to translate complex NIST 800-53 controls into implementable technical requirements.
What You Bring
- Experience solving complex and sometimes ill-defined problems.
- Intermediate knowledge of DevSecOps tools and software development.
- Background in cybersecurity and understanding of vulnerability risk analysis.
- Hands-on experience assessing or securing services within AWS, Azure, or GCP, particularly within PaaS or Kubernetes-based environments.
- Proficient knowledge of NIST SP 800-37 (RMF) and NIST SP 800-53 rev 5 security controls.
- Deep understanding of the FedRAMP authorization process and Department of Defense (DoD) security standards.
- 3-5 years of relevant experience.
- Ability to attain DOD 8570 Baseline Certification for IAT II within 6 months of hire date.
Preferred Qualifications
- Extensive experience with Department of Defense DevSecOps practices and policies.
- Experience with Docker, Gitlab, Kubernetes, Anchore, or other container scanning tools.
- Ability to write basic scripts (Python, Bash, etc.) to automate evidence collection or data parsing.
- Secret clearance is preferred.