Information Assurance Security Engineer

About The Position

Requirements

• 10 + years of related experience
• Knowledge of and experience with ICD 503
• Familiarity with Cloud Infrastructure/AWS-based solutions
• IAM II certification to start in accordance with DOD 8570.1M
• Understand how our customer's RMF process work and how systems security requirements will be met.
• Work with all IT groups to build IT systems with security planned from the start.
• Work with developers, system engineers, project managers, and users to identify the level of protection systems will need.
• Understand and be able to identify what group or process will satisfy security requirement.
• Experience with Cloud Infrastructure/AWS-based technology
• Experience using security tools such as ACAS, HBSS, Carbon Black, Tanium, RedSeal, and EMET
• Experience and scripting ability on Unix and/or RHEL OS
• Experienced with complex Microsoft macros, and PowerShell scripts
• Basic understanding of Windows Enterprise AD architecture and VMWare Virtualization
• Must be proficient in network routing/vlan technology
• 10-15 years of related experience in data security administration.
• Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

Nice To Haves

• CISSP certification or equivalent (CAP, GSLC, CISM)
• System administration experience
• Network engineering experience
• System design and development experience

Responsibilities

• Provide expert technical services on all aspects of Information Security.
• Write information security policy drafts.
• Write and review Memorandum of Agreements.
• Coordinate and manage all aspects of the Certification and Accreditation.
• Advise and assess system design/architecture.
• Define, design, and evaluate information security systems.
• Manage multi-agency information sharing and integration security.
• Maintain affiliations with high-level personnel at multiple agencies and organizations involved in Information Security.
• Incident response.
• System access approval.
• Audit log review.
• Configuration Control Board.
• Daily consultations/consulting on a wide variety of security issues.
• Report, document and investigate all security related incidents.
• Assist with development and implementation of corrective measures.
• Act as the representative of the Information System Security Manager ensuring compliance with IS security procedures.
• Support efforts to operate, maintain, and dispose of information system materials in accordance with security directives, policies and practices and as annotated in Systems Security Plans.
• Generate and implementation of requisite security training ensuring user security awareness of responsibilities prior to system access.
• Initiate protective and corrective measures when incident or vulnerabilities are discovered.
• Ensure IA hardware and software complies with security configuration guides.
• Implement and enforce IA policies and procedures as defined by A&A documentation.
• Ensure users are aware of their IA responsibilities.
• The ability to work on multiple projects/tasks at once and operate in a dynamic, fast-paced, team-oriented environment.
• Perform Operations & Sustainment (O&S) functions for the NCE network security infrastructure (firewalls, web gateways, mail gateways, ids, load balancers, performance monitoring tools, mgt systems, etc).
• Perform maintenance and/or advanced configuration of equipment in order to protect the network from emerging cyber threats.
• Conduct forensic traffic/log analysis to isolate issues or respond to analyst alerts.
• Respond to escalated troubleshooting requests.
• Maintain and administer network infrastructure standards, documentation and fault tolerance.
• Present Monitoring/Test Results and Reports as required.
• Perform/support integration testing as required.
• Participates in special projects as required.
• Ability to review Plan of Action and Milestones (POA&Ms) and conduct a technical decomposition categorization, remediation, and lien resolution.
• Execute remediation process to implement technical solutions to address vulnerability findings via ACAS security scan.
• Experience installing, hardening, deploying, documenting, and troubleshooting network perimeter security technologies.
• System administration experience.
• Network engineering experience.
• System design and development experience.
• Defines, plans, designs, and evaluates information security systems.
• Assesses architecture and current hardware limitations, defines and designs system specifications, input/output processes and working parameters for hardware/software compatibility.
• Performs a variety of complex tasks associated with information security ranging from the design of security components to complex architectures.
• Supervise the work of other engineers performing a variety of information security tasks.

Benefits

• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay and paid time off
• Variety of medical plan options, some with Health Savings Accounts
• Dental plan options
• Vision plan
• 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• Full flex work weeks where possible
• Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• Short and long-term disability benefits
• Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.