IT Modernization Information Systems Security Engineer
Modern Technology Solutions Inc•Washington, DC
•Onsite
About The Position
MTSI is seeking an IT Modernization Information Systems Security Engineer whose primary function will be to provide Senior Cloud Information Systems Security Engineer support to the government program manager.
Requirements
- 12+ years' technical experience in cybersecurity, information technology, or systems engineering
- Excellent communication skills (verbal and written)
- Must have experience working with Special Access Programs (SAPs)
- Strong proficiency in Cloud architecture and associated security elements
- Must possess excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
- Advanced knowledge in Secure systems engineering practices, including threat modeling, security architecture design, and/or system hardening
- Advanced knowledge in Software Development in Java, Python, Ruby and/or C++
- Advanced knowledge in Linux Expertise
- Advanced knowledge in Dynamic & Static Application Security Scanning (e.g., OPSWAT, OWASP ZAP, BurpSuite, Fortify)
- Experience with vulnerability management tools (e.g., Tenable, Defender), SIEM technologies, and secure configuration baselines
- Experience with Infrastructure Security Scanning, Vulnerability Scanning (NMAP, Azure Defender, AWS Inspector, ACAS/Nessus)
Nice To Haves
- Master’s degree
Responsibilities
- Integrate cybersecurity requirements into system architecture, design, and engineering processes from concept through deployment
- Develop and maintain system security artifacts including Security Plans, Security Controls Traceability matrices, architectural diagrams, and engineering documentation
- Perform security engineering analyses, including threat modeling, vulnerability assessments, and security impact analyses of proposed changes
- Select, tailor, and implement security controls aligned with NIST SP 800-53, CNSSI 1253, the Joint Special Access Program (SAP) Implementation Guide, and/or applicable organizational frameworks
- Communicate risk analysis associated with engineered solutions including mitigation strategies, residual risk and risk-benefit recommendations
- Perform requirements analysis, design, and integration for complex software applications and collaboration infrastructures
- Participate in the change management process, including submitting and reviewing Change Requests (CRs) and assisting in the assessment of security impact of proposed changes
- Create and maintain information system security documentation, Standard Operating Procedures (SOP), and provide guidance on active Plans of Action and Milestones (POA&M)
- Conduct periodic and continuous monitoring of the system, procedures, and documentation to ensure compliance with the authorization
- Collaborate with ISSOs, system administrators, and development teams to remediate vulnerabilities and ensure secure system configurations
- Communicate with multiple systems owners to address security relevant design and integration requirements for hybrid systems
- Evaluate cloud supporting technologies in areas of encryption, identity and access control, boundary protection, and logging/monitoring
- Support incident response and forensic analysis as needed, ensuring proper coordination with organizational cybersecurity teams
- Support development and execution of governance frameworks for managing and authorizing national security systems
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
