Cyber Security Engineer - GCCS-J

Program Summary

GCCS-J is the DoD's Joint Command and Control system of record, providing a fused, real-time operational picture to commanders and warfighters. The modernization effort emphasizes secure cloud-native architecture, microservices, advanced data ingestion, improved data integrity, and alignment with JADC2 objectives. Cybersecurity is foundational to this effort, ensuring all software, systems, and infrastructure meet stringent DoD security, accreditation, and operational resilience requirements.

Position Summary

The Cyber Security Engineer supports and/or leads cybersecurity, Information Assurance (IA), and Risk Management Framework (RMF) activities within classified GCCS-J development and integration environments. This role is responsible for ensuring compliance with DoD cybersecurity standards, supporting secure system configurations, performing vulnerability assessments, and contributing to accreditation efforts.

The engineer collaborates closely with developers, testers, ISSMs/ISSOs, and government stakeholders to secure SIPR-based environments and integrate security practices across the software development lifecycle.

Key Responsibilities

IA & RMF Activities

• Support and/or lead RMF activities, including security control implementation and accreditation efforts
• Ensure compliance with DoD IA controls, DISA STIGs, SRGs, and security baselines

SIPR Lab Security Operations

• Support secure operation of SIPR-based development and integration environments
• Perform system hardening, patching, and secure configuration management

Security Validation & Vulnerability Management

• Conduct vulnerability scans, compliance checks, and security assessments
• Document findings, track remediation, and validate corrective actions

Secure Software Engineering

• Support and guide secure coding practices and secure architecture design
• Review software, data flows, and system configurations for security risks

DevSecOps Integration