The Role
Lead security controls implementation and risk assessment for pilot and production technology integrations. Ensure federal compliance (NIST, FISMA, RMF, FedRAMP), coordinate authorizations, define security boundaries, assess readiness for scale, support continuous monitoring, provide guidance to development and operations, and document controls and evidence aligned with CISA Zero Trust priorities.
Summary Generated by Built In
BCMC is supporting a U.S. Government customer to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Contract personnel perform investigations to characterize the severity of breaches, develop mitigation plans, and assist with the restoration of services. We are seeking a Senior Cybersecurity Engineer (Controls & Assessment Lead) to support this critical customer mission.
The Senior Cybersecurity Engineer will lead security controls implementation and risk assessment activities for technology integration initiatives. This role ensures all pilot and production integrations meet federal security requirements, maintain compliance frameworks, and align with CISA's risk reduction priorities while enabling innovation and modernization.
Responsibilities:
- Lead security controls assessment and implementation for technology integration pilots
- Establish risk frameworks for pilot design and execution activities
- Ensure compliance with federal security requirements (NIST, FISMA, FedRAMP)
- Conduct security assessments of proposed technology insertions
- Define security boundaries and controls for pilot environments
- Coordinate with RMF and security teams on authorization activities
- Ensure pilots maintain security posture and avoid becoming security liabilities
- Assess security readiness for scaling pilots into production
- Develop security metrics for measuring pilot and production outcomes
- Lead security governance review processes and decision points
- Ensure alignment with CISA Zero Trust Strategy and security architecture
- Conduct risk assessments for technology insertions across federated environments
- Support continuous monitoring and security validation of integrated capabilities
- Provide security guidance to development and operations teams
- Document security controls, procedures, and compliance evidence
Required Skills/Clearances:
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 10+ years of experience in cybersecurity engineering or security architecture
- Expert knowledge of federal security frameworks (NIST 800-53, RMF, FISMA)
- Experience leading security assessments and authorization activities
- Strong understanding of risk management and security controls implementation
- Experience with security compliance in operational environments
- Knowledge of Zero Trust architecture and implementation principles
- Experience assessing security of AI/ML and emerging technologies
- Strong analytical and problem-solving skills
- Excellent documentation and communication abilities
Desired Skills:
- ITIL, PMP, or similar operations/project management certification
- Experience with CISA programs or similar federal cybersecurity operations
- Background in security assessment of malware analysis platforms
- Experience with cloud security assessment and authorization
- Knowledge of critical infrastructure security requirements
- Experience with continuous monitoring and automated compliance tools
- Familiarity with DevSecOps and security automation practices
- Background in penetration testing or vulnerability assessment
Required Education:
BS in Cyber Security, Computer Science, or related degree; Master’s degree preferred, or HS Diploma and 7+ years of directly relevant experience
Desired Certifications:
- DoD 8140 IAT Level III
- CAP, CRISC
Our Company Overview
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.
Benefits
Extremely competitive salary
95% employer paid for employee medical, dental, & vision coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave
Our Company Overview
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.
Benefits
Extremely competitive salary
95% employer paid for employee medical, dental, & vision coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave
ESS-3422
Information Security Manager - III - ISM03
The Senior Cybersecurity Engineer will lead security controls implementation and risk assessment activities for technology integration initiatives. This role ensures all pilot and production integrations meet federal security requirements, maintain compliance frameworks, and align with CISA's risk reduction priorities while enabling innovation and modernization.
Responsibilities:
- Lead security controls assessment and implementation for technology integration pilots
- Establish risk frameworks for pilot design and execution activities
- Ensure compliance with federal security requirements (NIST, FISMA, FedRAMP)
- Conduct security assessments of proposed technology insertions
- Define security boundaries and controls for pilot environments
- Coordinate with RMF and security teams on authorization activities
- Ensure pilots maintain security posture and avoid becoming security liabilities
- Assess security readiness for scaling pilots into production
- Develop security metrics for measuring pilot and production outcomes
- Lead security governance review processes and decision points
- Ensure alignment with CISA Zero Trust Strategy and security architecture
- Conduct risk assessments for technology insertions across federated environments
- Support continuous monitoring and security validation of integrated capabilities
- Provide security guidance to development and operations teams
- Document security controls, procedures, and compliance evidence
Required Skills/Clearances:
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
- 10+ years of experience in cybersecurity engineering or security architecture
- Expert knowledge of federal security frameworks (NIST 800-53, RMF, FISMA)
- Experience leading security assessments and authorization activities
- Strong understanding of risk management and security controls implementation
- Experience with security compliance in operational environments
- Knowledge of Zero Trust architecture and implementation principles
- Experience assessing security of AI/ML and emerging technologies
- Strong analytical and problem-solving skills
- Excellent documentation and communication abilities
Desired Skills:
- ITIL, PMP, or similar operations/project management certification
- Experience with CISA programs or similar federal cybersecurity operations
- Background in security assessment of malware analysis platforms
- Experience with cloud security assessment and authorization
- Knowledge of critical infrastructure security requirements
- Experience with continuous monitoring and automated compliance tools
- Familiarity with DevSecOps and security automation practices
- Background in penetration testing or vulnerability assessment
Required Education:
BS in Cyber Security, Computer Science, or related degree; Master’s degree preferred, or HS Diploma and 7+ years of directly relevant experience
Desired Certifications:
- DoD 8140 IAT Level III
- CAP, CRISC
Our Company Overview
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.
Benefits
Extremely competitive salary
95% employer paid for employee medical, dental, & vision coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave
Our Company Overview
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015, ISO 27001:2013, 20000:2018, and CMMI L3 certified and registered promising highest quality and services to all of our clients.
Benefits
Extremely competitive salary
95% employer paid for employee medical, dental, & vision coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave
ESS-3422
Information Security Manager - III - ISM03
Skills Required
- U.S. Citizenship
- Active TS/SCI clearance
- Ability to obtain DHS Entry on Duty (EOD) Suitability
- 10+ years of experience in cybersecurity engineering or security architecture
- Expert knowledge of federal security frameworks (NIST 800-53, RMF, FISMA)
- Experience leading security assessments and authorization activities
- Strong understanding of risk management and security controls implementation
- Experience with security compliance in operational environments
- Knowledge of Zero Trust architecture and implementation principles
- Experience assessing security of AI/ML and emerging technologies
- Strong analytical and problem-solving skills
- Excellent documentation and communication abilities
- BS in Cyber Security, Computer Science, or related degree (Master's preferred) or HS Diploma with 7+ years directly relevant experience
- Experience with cloud security assessment and authorization
- Familiarity with DevSecOps and security automation practices
- Experience with continuous monitoring and automated compliance tools
- Background in penetration testing or vulnerability assessment
- ITIL, PMP, or similar operations/project management certification
- DoD 8140 IAT Level III, CAP, CRISC
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
SBA certified SDB, appraised CMMI Level 3 company providing IT services to the federal government. Specializing in cyber security, enterprise architecture, service oriented architecture, business intelligence, and large data management. Our services span throughout the federal government, mainly concentrated in Department of Homeland Security and Defense Information Systems Agency.
