One team. Global challenges. Infinite opportunities. At Viasat, we’re on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We’re looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.
The Cybersecurity Engineer will work closely with engineering and IT teams to design, implement, assess, and audit security practices and technical configurations to ensure compliance with Viasat’s Foundational Security Principles (FSPs), and contractual controls such as NIST 800-53, NIST 800-171/172, CMMC, RMF. The position will provide opportunities to collaborate with employees across business and functional areas, and engage in working groups and communities of practice.
Our ideal candidate is a self-starter who can work independently, prioritize work based on the impact to the business, and manage multiple efforts simultaneously. The candidate will possess a broad knowledge of modern technology and security best practices, outstanding analytical skills, attention to detail, and discipline to ensure consistency and accuracy. Excellent verbal and written communication skills are critical to build and maintain relationships with stakeholders.
Job Responsibilities
- Manage security risk and vulnerability remediation.
- Support internal and external audit activities.
- Lead the resolution of identified information security and data risk issues.
- Develop and maintain an asset inventory.
- Proactively evaluate proposed changes to avoid negative impacts to risk and compliance.
- Provide recommendations for best practice architecture and confirmation options to enable critical business capabilities.
- Assist in the development, maintenance, and automation of security, risk, and compliance artifacts, including exceptions and alternative controls implemented to address non-standard use cases.
- Manage the data, technology, and automation platform to drive key risk and performance reporting and insights.
- Support engineering and IT requests related to security and compliance impacting changes within the target environments.
- Keep customers and stakeholders informed of the status, blockers, and completion of changes.
- Stay informed of industry changes, trends, and best practices related to information security.
- Lead in the testing and design of technology controls.
- Lead the initiative to provide continuous analysis and monitoring of implemented controls.
- Serve as interpreter and liaison between lab managers and technology / security product owners to implement required solutions within the target environments.
- Collaborate with technology and security product owners to address the constantly evolving landscape of our lab environments.
Requirements
- Bachelor of Science in an engineering/technology field with 6+ years of enterprise information security experience across client, infrastructure, application, and data center or cloud platforms.
- At least 3 years' experience working with Security and Auditing tools for Windows, Linux, and infrastructure operating system such HBSS and ACAS.
- Strong documentation and interpersonal skills.
- Organized self-starter with the ability to effectively meet deadlines.
- Solid understanding of security best practices, and defense in depth strategies, encompassing multiple platforms (Linux/Unix, Windows, Mac, VMware, Azure, AWS).
- Ability to interpret vulnerability scans and work with IT and engineering teams to implement timely resolutions.
- Familiarity with automation, orchestration, configuration, and endpoint management and automation technologies.
- U.S. Citizen with the ability to attain US Government Secret Clearance.
Preferences
- Possession of an information security industry recognized certification(s): (CISSP, CRISC, CISA)
- Experience developing or automating operational processes using a modern language or orchestration platform (Ansible, SCCM/MCME, Intune/Defender for Endpoint, etc.)
- Ability to interpret and create scripts via Python, PowerShell, or other scripting languages
- Experience securing applications and services in hybrid cloud environments
#LI-KC1