Information Systems Security Engineer

About The Position

Requirements

• Subject matter expertise in applications, systems, network cybersecurity, and DoD Risk Management Framework (RMF) requirements

Responsibilities

• Install, configure, and troubleshoot solutions with a wide selection of Cyber industry tools
• Work with identity management/rights management tools and implementation models
• Application of PKI and other common cryptographic best practices
• Manage, implement, and maintain security tools and technologies, such as Trellix Endpoint Security (ENS), Assured Compliance Assessment Solution (ACAS), SolarWinds Security Event Monitor (SEM)
• Perform vulnerability scans and analysis using ACAS tools
• Conduct Security Content Automation Protocol (SCAP) scans to ensure Security Technical Implementation Guide (STIG) compliance
• Monitor and analyze network audit logs and create rules and automation to enhance monitoring capabilities.
• Recommend new tools and security controls to improve the security posture of the network
• Assist in creating customer reports, Authority to Operate (ATO) packages, security plans, and security assessments for new hardware and software
• Perform continuous monitoring functions such as system audits, user account audits, and Plan of Action and Milestone (POA&M) reviews
• Be willing to learn new technologies, stay up-to-date on security trends, and familiarize yourself with new and existing Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) implementation standards.