Information Assurance/Security Engineer, Staff
About The Position
Are you a Cybersecurity Engineer seeking a new position? If so, we have an opportunity for you! The Cybersecurity Engineer will conduct comprehensive cybersecurity vulnerability assessments of DoD information systems, networks, and platforms utilizing the latest automated and manual tools mandated by the Defense Information Systems Agency (DISA), including all relevant Security Technical Implementation Guides (STIG), Security Requirements Guides (SRG), automated Benchmark files, the Security Content Automation Protocol (SCAP) Compliance Checker (SCC), the Assured Content Assessment Solution (ACAS), and the Nessus Security Center. As a Cybersecurity Engineer, you will: Work with a team of driven, supportive and highly skilled professionals. Receive a robust benefits package that includes our Employee Stock Ownership Plan! (ESOP). Enjoy flexibility managing your work hours and personal needs with a single accrual leave plan.
Requirements
- U.S. Citizenship and active Secret clearance
- Bachelor's degree and 6-8 years of related work experience
- Cybersecurity certification at the DoDI 8140.02 intermediate level (Security+ for example)
- Demonstrated experience with the DoD RMF process, specifically as it pertains to securing and accrediting boundaries within a DoD enclave
- Demonstrated experience with using security tools such as SCC/SCAP and ACAS in order to identify and address mitigation of security findings
- Advanced knowledge of DoD STIGS applicable to MS technology, MS Best Practices, and RedHat Linux technology .
- Advanced knowledge of MS Active Directory, MS servers, and RedHat Linux servers
- Advanced knowledge of Trellix Endpoint Security Solutions, MS Enterprise Windows Defender, SCC/SCAP scanning, and ACAS scanning
- Minimum 6-8 years of experience in MS and RedHat Linux systems administration and working on complex systems and software programs
- Experience working within a disciplined, process-based Configuration Management Framework
- Account management and group policy experience using MS Active Directory
- Experience managing and mitigating system security risks
- Experience developing and managing MS Active Directory Schemas and Group Policy Objects (GPO)
- Experience with PowerShell management and scripting
Responsibilities
- Conduct reviews, audits, and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
- Maintain day-to-day security posture and continuous monitoring of the cybersecurity tools to protect classified information systems.
- Conduct security reviews in accordance with NIST guidelines, conduct security assessments, and conduct control testing to ensure that all relevant controls are thoroughly assessed.
- Ensure security policies, procedures, and recommendations comply with FISMA, NIST, and Organizational guidelines as well as technical best practices.
- Maintain day-to-day security posture and continuous monitoring using cybersecurity tools designed to protect classified information systems.
- Maintain security Assessment and Authorization (A&A) documentation of assigned systems in accordance with the Risk Management Framework (RMF), performing audits and incident response activities, interfacing with clients and/or Government personnel, and maintaining a thorough understanding of NIST 800-53 controls.
Benefits
- healthcare benefits
- paid leave
- retirement plans
- insurance programs
- education and training assistance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
1,001-5,000 employees
