Microchip Technology Inc.
Receive alerts when this company posts new jobs.
Product Security Engineer - (Cyber Security)
at Microchip Technology Inc.
Microchip’s Frequency and Time business unit is a world leader in precise time solutions and sets the world's standard for time. The business unit generates, distributes and applies precise time for the communications, aerospace/defense, IT infrastructure, and metrology industries. Microchip's customers, from communications service providers and network equipment manufacturers to governments and their suppliers worldwide, are able to build more reliable networks and systems by using the company's advanced timing technologies, atomic clocks, services, and solutions. Microchip products support today's precise timing standards, including GPS-based timing, IEEE 1588 (PTP), Network Time Protocol (NTP), and Synchronous Ethernet.
Our Government Systems group in Boulder, CO is seeking a Cyber Security Engineer to perform the following responsibilities in support of multiple classified programs and customers:
- Perform Information Technology (IT) administration, security, and technology management on information systems, including RedHat Enterprise Linux (RHEL), CentOS, and Windows.
- Recommend, design, implement, and test timing system aspects related to information security, information systems, networking, virtualization, etc.
- Support the integration of products with customers’ enterprise infrastructure (User authentication, vulnerability scanning, audit log collection, etc.).
- Lead assessment and authorization (A&A) efforts to ensure compliance with ICD 503 and RMF
- Generate and maintain A&A related documentation and system Xacta records, including system security plan, security controls traceability matrix, certification test procedures and reports, and security liens (POA&Ms).
- Perform configuration and security hardening of computers in compliance with NIST 800-53 controls, DISA STIGs, and customer security requirements.
- Perform system patching, continuous monitoring actions in accordance with the system’s continuous monitoring plan, and documentation updates in the system Archer records.
- Prepare presentations, reports, research, and other contract deliverables. Participate in customer meetings and reviews.
- Bachelor’s degree in an information systems or engineering discipline, or equivalent experience.
- 4+ years of applicable experience in cyber security, information security and/or information assurance plus IT administration.
- Strong background in Linux IT administration (e.g., RHEL/CentOS 6, 7).
- Self-motivated, independent worker with ability to lead efforts through complete design cycle from requirements development to customer acceptance.
- Excellent written and verbal communication skills and ability to interact well with external and internal customers in group environments.
- Minimal travel required.
- U.S. Citizenship required.
- Ability to pass a US Government, Single Scope Background Investigation (SSBI) and obtain and maintain a Top Secret (TS/SCI) clearance.
- Candidates with current TS/SCI clearance strongly preferred.
- Experience with ICD 503, RMF, and associated tool sets - Xacta, Archer, Nessus, Security Center, NetWitness, HBSS.
- Prior experience as an Information Systems Security Officer (ISSO) or Information Systems Security Engineer (ISSE).
- Experience with Defense Information Systems Agency (DISA) Security Technical Information Guide (STIG) implementation and scanning tools (e.g., SCAP, nessus, etc.).
- Knowledge of network technologies, including firewalls, user authentication (e.g,. LDAP, TACACS+, RADIUS), and domain structures.
- Experience with software development or scripting, especially Python and bash.
- Professional security certification (e.g., Security+, CISSP, etc.).